Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-02-2024 19:44

General

  • Target
    2024-02-03_e1a0a2e3be606a0e55621a384c85e010_icedid.exe
  • Size
    313KB
  • MD5
    e1a0a2e3be606a0e55621a384c85e010
  • SHA1
    900d696eedf74d47bb73c9390608123eb34f4567
  • SHA256
    570d115d089980a8d3629648e74c728fdfcc30b81d8f4f31a90984e9d14d7f42
  • SHA512
    da2d531c9bf8372bd8b95989596fcba3ed0153bcef2ad0d228790e8fe597210a724fb5ecf5dedd662c94882b93a2d92a7f4708fb246840ba0424ec528ec0f20b
  • SSDEEP
    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 4 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-03_e1a0a2e3be606a0e55621a384c85e010_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-03_e1a0a2e3be606a0e55621a384c85e010_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files\integrate\Update.exe
      "C:\Program Files\integrate\Update.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      PID:1148

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Program Files\integrate\Update.exe
    Filesize
    192KB
    MD5
    c23ca0d00658bd5c548661f2682084ab
    SHA1
    d25c18ca24fa7e31a5163a530f15ebc691afd4a7
    SHA256
    a7909ae1606f68d738f4c77295d0885f390f9da203049fb2a6d409b37aa1a507
    SHA512
    2637f745bc04715b6620d8e183f5035f5e9da55160205659c843daec2a0b845dbfaf9c265de970f1227f654005d3d59440c17ae9a0e4fce41cfd88124f199980

  • C:\Program Files\integrate\Update.exe
    Filesize
    262KB
    MD5
    3f0f9342dbbc4a534b1fb897b6000186
    SHA1
    69c7825e20f56938087214cfc1ca12ac535bc4a5
    SHA256
    b22335372f221469336c6a7ff8fabcbf30324c81cb55ab984c100fec0d4f7559
    SHA512
    1f59677affb2ce3afb7ccbbd1c7b9fe6c94d5fd9382c0bee996af4b8647ffc9adcfc2d0bd1e17e16273e180bd33db3d2e35551075772911ec769e5538a7ef2dd

  • \Program Files\integrate\Update.exe
    Filesize
    314KB
    MD5
    fa608fb2f18eb02ce073c2ea32668b4b
    SHA1
    e4ec7a1cfecf238fd3771d28e7d15fc02f06d422
    SHA256
    76243919380d7eef5583d5c4f93a86cd0055b9ed47a823519059d71b693d6cf4
    SHA512
    b7862f26d1a6e86c1485bb2659461fb094bb01797083280e816263c75beb1226cdb4ff909bc86ea32c3870f50a776b8ab6eb53736d87906190066d8f3f7c6303