Analysis
-
max time kernel
143s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
29/01/2024, 06:28
General
-
Target
2024-01-29_91aa4d806f768c124d46bfe37524ec3d_icedid.exe
-
Size
425KB
-
MD5
91aa4d806f768c124d46bfe37524ec3d
-
SHA1
81019b2c1dbfc9c95ae028cc307a570ad55cdcac
-
SHA256
11f36f7efa71632f5061e3d15234935d4e91a8344d2bfde81acf039b45bac526
-
SHA512
2a8ca46a98b15bc17b8b9b9c88f54d5f7d551f33df20094801c860f70c6a1e535d3f732152d9e9c0057f634aaa71f8c7ea0935261a2cae681039351fad68b75e
-
SSDEEP
12288:TplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:VxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-29_91aa4d806f768c124d46bfe37524ec3d_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-29_91aa4d806f768c124d46bfe37524ec3d_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Framework\skipto.exe"C:\Program Files\Framework\skipto.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
425KB
MD5c9e2e7a71086b0380dc9271e41c1fa79
SHA1a5bb032378691025d855c221de6d1afdacc49fce
SHA256c5920f44e8dbf13e962599472897119c33c89f996836e0efe2cf969f2d5ced5c
SHA5125d9ed11ce7fb3a0b1d26e7d45a757bae88fd61944eab422f662c2ead92257156020896036c7ed9230b96683a23e6483da01fce429b378844ecd81783917b8565