Overview

overview

7

Static

static

3

2024-02-03...id.exe

windows7-x64

7

2024-02-03...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    89s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-02-2024 20:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-03_b34494200ecb653b43b100d7f471835d_icedid.exe

  • Size

    382KB

  • MD5

    b34494200ecb653b43b100d7f471835d

  • SHA1

    9cde8853dd4e021173064b30e065e2fa0ff25387

  • SHA256

    ef45093657ba9add7c2d056c7a3fc982333ef154f4b363ab23618dcebf285ade

  • SHA512

    78ac66c88aeeb0cb56876211803d6a1f9dfde687b983d7213e5703fb481fe8b94657c01593840f12a9508c46afb52b21971888490ad3a51cd3ac098bcc047ebb

  • SSDEEP

    6144:9plrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:9plrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-03_b34494200ecb653b43b100d7f471835d_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-03_b34494200ecb653b43b100d7f471835d_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:116
    • C:\Program Files\install\jhgsggfh.exe
      "C:\Program Files\install\jhgsggfh.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\install\jhgsggfh.exe
    Filesize

    246KB

    MD5

    a188f309339093a7a9be72ce41b08e6d

    SHA1

    6312909f18ba8ff4df4322035afc7daab8878a70

    SHA256

    216b0939c2abbe7efd9f908764cca7a5726fd2b51b231ce5ecfead99a9a74c64

    SHA512

    cfe1377afec996223a2f02ae69aed77dec1484c64aaaaaf2ee51091377cd4197888bf51beb2556350790034d2d1e0891d9dc07b2954851c24abe7d3a23f9b307

    Download Submit

  • C:\Program Files\install\jhgsggfh.exe
    Filesize

    201KB

    MD5

    55083afbe1b3ff367dcf484cea214a7d

    SHA1

    9772fe99282a7146bf7b29465b282b2badd492cd

    SHA256

    a04e16d4da97a250d1d74733fd75a83455cff3dfe8471f8890a871884f33141d

    SHA512

    5f7f9e7015ef32398c6c42f5f16f20fa2c15f50d1bdf0df162dacff56ff8cd7c76d53d6360d658287cc5a7052dd1f5d4fcc9596d5457d85d8ce39ef0cb8a4024

    Download Submit