Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/02/2024, 19:22

General

  • Target

    2024-02-01_0761284f37ec93e47fc49089e53667d9_icedid.exe

  • Size

    273KB

  • MD5

    0761284f37ec93e47fc49089e53667d9

  • SHA1

    5e01f0aee2a9916c0596418d9fb91ebfe0dab4e6

  • SHA256

    3533f5c87b9db0fa8009f835fd3a9c8ebf2ca1c67bdb47db9d8a78e50292af48

  • SHA512

    90a826b07c76e3c9b343c5dd18465e7de492183b25bcbd13e268e972bb6b7996e06a6cf71313ea0ba57ca2b414b2bf8680c5e5d5d36900fd76e07ab68b01f3cf

  • SSDEEP

    3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoC)
  • Loads dropped DLL (2 IoCs)
  • Drops file in Program Files directory (2 IoCs)
  • Suspicious use of SetWindowsHookEx (8 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-01_0761284f37ec93e47fc49089e53667d9_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-01_0761284f37ec93e47fc49089e53667d9_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1200
    • C:\Program Files\.exe
      "C:\Program Files\\.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2420

Network

Downloads

  • \Program Files\.exe

    Filesize
    273KB

    MD5
    f65a9974f32a982c82b4ea53c0726e44

    SHA1
    3824bf0bf2be3c1bb280deac827839806a95983c

    SHA256
    665b70ea121312017a028ff015319ca61dcc42077e4befe404565edce6321034

    SHA512
    1208997e284d1daac21b9905dbabda0015f73c1395474ad83ce633886ae839c73078ed01a2a99789a0277bed6c00d0cad0e91ca681b15c74be6b7954af5e32cd
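The process tree and the Downloads entry above give a hunter two things to work with: a behavioural pattern (a binary staged in the user's Temp directory writes an executable whose whole file name is `.exe` into the Program Files root, then launches it with a bare numeric argument) and a pair of exact hashes, since the dropped file has the same 273KB size as the sample but different MD5/SHA256 values. The script below is an added example, not part of the Triage report or of any Triage tooling: it runs those checks over constructed Sysmon-style process-creation records (the field names `image`, `cmdline`, `parent_image`, `hashes` and the benign `git.exe` launch are assumptions made for the example) and reports which PIDs trip them.

```python
import re
from pathlib import PureWindowsPath

# Hashes copied from the report: the submitted sample and the file it dropped.
IOC_SHA256 = {
    "3533f5c87b9db0fa8009f835fd3a9c8ebf2ca1c67bdb47db9d8a78e50292af48": "submitted icedid.exe",
    "665b70ea121312017a028ff015319ca61dcc42077e4befe404565edce6321034": "dropped Program Files\\.exe",
}
IOC_MD5 = {
    "0761284f37ec93e47fc49089e53667d9": "submitted icedid.exe",
    "f65a9974f32a982c82b4ea53c0726e44": "dropped Program Files\\.exe",
}
PROGRAM_FILES_ROOTS = {"c:\\program files", "c:\\program files (x86)"}


def split_cmdline(cmdline):
    """Split a Windows command line into tokens, honouring double quotes."""
    return [quoted or bare for quoted, bare in re.findall(r'"([^"]*)"|(\S+)', cmdline)]


def parse_hashes(field):
    """Turn Sysmon's 'MD5=...,SHA256=...' Hashes field into {ALGO: lowercase hex}."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            algo, value = part.split("=", 1)
            out[algo.strip().upper()] = value.strip().lower()
    return out


def assess(event):
    """Return the reasons a process-creation event resembles this report's tree."""
    reasons = []
    image = PureWindowsPath(event["image"])
    name = image.name.lower()
    # The dropped binary sits directly in the Program Files root and its file
    # name is nothing but the extension (".exe"); pathlib treats such a name as
    # having no suffix, so the check is done on the raw name.
    if (str(image.parent).lower() in PROGRAM_FILES_ROOTS
            and name.startswith(".") and name.endswith(".exe")):
        reasons.append("executable with empty basename in Program Files root")
    # The parent (PID 1200 in the report) ran out of the user's Temp directory.
    if "\\appdata\\local\\temp\\" in event["parent_image"].lower():
        reasons.append("parent image under AppData\\Local\\Temp")
    # The child was started with a bare numeric argument ("33201" in the report).
    args = split_cmdline(event["cmdline"])[1:]
    if args and all(arg.isdigit() for arg in args):
        reasons.append("numeric-only command-line argument " + ",".join(args))
    # Exact-hash match against the IoCs listed in the report.
    hashes = parse_hashes(event.get("hashes", ""))
    label = IOC_SHA256.get(hashes.get("SHA256", "")) or IOC_MD5.get(hashes.get("MD5", ""))
    if label:
        reasons.append("hash matches report IoC: " + label)
    return reasons


def scan(events):
    """Map PID -> reasons for every event that trips at least one check."""
    hits = {}
    for event in events:
        reasons = assess(event)
        if reasons:
            hits[event["pid"]] = reasons
    return hits


# Constructed Sysmon-style (Event ID 1) records mirroring the process tree in
# the report, plus one benign launch to show the checks stay quiet on it.
TEMP_EXE = r"C:\Users\Admin\AppData\Local\Temp\2024-02-01_0761284f37ec93e47fc49089e53667d9_icedid.exe"
SAMPLE_EVENTS = [
    {"pid": 1200, "image": TEMP_EXE, "cmdline": '"%s"' % TEMP_EXE,
     "parent_image": r"C:\Windows\explorer.exe",
     "hashes": "MD5=0761284F37EC93E47FC49089E53667D9,"
               "SHA256=3533F5C87B9DB0FA8009F835FD3A9C8EBF2CA1C67BDB47DB9D8A78E50292AF48"},
    {"pid": 2420, "image": r"C:\Program Files\.exe",
     "cmdline": r'"C:\Program Files\\.exe" "33201"', "parent_image": TEMP_EXE,
     "hashes": "MD5=F65A9974F32A982C82B4EA53C0726E44,"
               "SHA256=665B70EA121312017A028FF015319CA61DCC42077E4BEFE404565EDCE6321034"},
    {"pid": 3001, "image": r"C:\Program Files\Git\bin\git.exe",
     "cmdline": r'"C:\Program Files\Git\bin\git.exe" status',
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "hashes": "SHA256=" + "00" * 32},  # placeholder hash for the benign event
]

if __name__ == "__main__":
    for pid, reasons in scan(SAMPLE_EVENTS).items():
        print(pid, "->", "; ".join(reasons))
```

The hash match is the only check that is specific to this sample; the three behavioural checks describe the staging pattern the process tree shows and will also fire on a rebuilt dropper with fresh hashes, which is why they are kept separate from the IoC lookup rather than folded into one boolean.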