Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
03/02/2024, 01:51
General
-
Target
2024-02-03_5d3272e8412961156f764dea284c81c7_icedid.exe
-
Size
380KB
-
MD5
5d3272e8412961156f764dea284c81c7
-
SHA1
49a955c2165b1ec2d353e11e2c90bdbedd03b0b3
-
SHA256
abfc149c37e081b21f2589cce49e5d80b706f9967ea402262c908ea156b1a324
-
SHA512
c98810fff3437cd051d3660d59b6111c88a5deeda4ce00492f65f9c62c1c7740d64b0814c792c1488288bc4224f9c30143a1b42cc0b5c5f9a84fbbb7ef4a8d81
-
SSDEEP
6144:oplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:oplrVbDdQaqdS/ofraFErH8uB2Wm0SXj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_5d3272e8412961156f764dea284c81c7_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_5d3272e8412961156f764dea284c81c7_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\upgrade\choices.exe"C:\Program Files\upgrade\choices.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
380KB
MD5a2808012e115cee67f616faacd6e5968
SHA141c421b6b5d5ac9910f858f211d6e2ea05693c33
SHA25657ff531fdb1d0abbfc4d9f13a44ed833647cf88401a5276ffecefa1a0f558386
SHA512a69a5036c02793d6aff0977176c692648dc7a0acd38640fb5cb857ec6755321409ccf1b0b951c1871984468016242417c1b459458dcd2707423933f5bcf1729b