Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
129s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
01/02/2024, 21:30
General
-
Target
2024-02-01_df9599722a5eac4b1aaa590b15eabf1d_icedid.exe
-
Size
428KB
-
MD5
df9599722a5eac4b1aaa590b15eabf1d
-
SHA1
b751557f0986a056386f04fecfcd3b45c1ab16a7
-
SHA256
a1e84cc0f1b61e3da6da86436c4d5d48c7321a5da0acfea991be698b53507407
-
SHA512
497364a38dc6906428fd2adcef44b1e86d17f77c0f53fb42bc148cbedc76e4aed90b01a91129fb88bd007337c27c56ae5c284eb148ecebf9b0c4b5096d4a58f3
-
SSDEEP
12288:QplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:sxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-01_df9599722a5eac4b1aaa590b15eabf1d_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-01_df9599722a5eac4b1aaa590b15eabf1d_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Dsetup2\proper.exe"C:\Program Files\Dsetup2\proper.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5263e93440bf84206b01d0d229806f85e
SHA15efd285a406bb88ea288932610e2540d0f034ab9
SHA256eed160c0f657d73d9eb879b845d443f9a3815628901d6670503bffe82297967d
SHA512ac8f5748afc19ccbc79d4fe5b66579dff5017609f7c028018383c87e89cc8e0957967df4499d8cc5dcca8fb19bd292b4cfb70e68a520a3de2d251545b8fe32ac