Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
03-02-2024 19:27
General
-
Target
2024-02-03_633ef6e66fad69357a3092dc369ca92d_icedid.exe
-
Size
276KB
-
MD5
633ef6e66fad69357a3092dc369ca92d
-
SHA1
538f28cf8bae72e9b45882a154ce7fd773e1713b
-
SHA256
d17f16d358420ee851a8b08c8ec5bb6f52fa7744c656fff6dc48661e8c70a4ac
-
SHA512
f5d24890119549d9701c7a7c20fc2a35e5feef1237b6f1e091a1363d58751b214ebf6bd97937a072f867dca0169d93d398b5b8a982618961f688ab0e5e93f60a
-
SSDEEP
3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-03_633ef6e66fad69357a3092dc369ca92d_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-03_633ef6e66fad69357a3092dc369ca92d_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Naming\Reducing.exe"C:\Program Files\Naming\Reducing.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
276KB
MD52f99251be27e0dd616a0ccedd7cb6159
SHA10979b51389847fb27b72dfb16d93c41ac14aed18
SHA256b3f058d6c06642704c0f1af27418bb02c8382a9e79fdd110684b73631becf0eb
SHA512a9b4748f6a5c2b10dcfc92687001bc7c3e893cf7d93c63dca0ab36cdf4530939c8ad9b55fff41ba50cb3760b7d624ba73d3bce6c1224ad81b1389285ee4edf3a