Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-02-2024 12:28

General

  • Target

    2024-02-04_36840a9cc5581b9bf80641fd879f6b02_icedid.exe

  • Size

    428KB

  • MD5

    36840a9cc5581b9bf80641fd879f6b02

  • SHA1

    2316b2c7117d32c6917dae857438bcf979519979

  • SHA256

    3e3e33602f8b32636df1e8207ec13f5a4151f03607d41fab7b87c4fa63d58a26

  • SHA512

    3969318eadc0c1d74d649492a5551d34d956e5664d3d0cc542bfdd76b0c3d0b34b3f292a92fcf8618b17ceae0372867be7983eb11a8e5ee1c24e4a0316d10180

  • SSDEEP

    12288:u6plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:zxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-04_36840a9cc5581b9bf80641fd879f6b02_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-04_36840a9cc5581b9bf80641fd879f6b02_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files\withthe\provides.exe
      "C:\Program Files\withthe\provides.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Matrix

Downloads

  • \Program Files\withthe\provides.exe

    Filesize

    428KB

    MD5

    6d7928068c28b671ed12f278ea4f6fd1

    SHA1

    5d6edffae1acc6a4c99389157dce4677882942c9

    SHA256

    8f3249d4b9a622dc7eaa713c415cd464aec6ea3e02fb0e47557722947d68df93

    SHA512

    9ac917ca619e26df1819666c3f58933516fd228e88efdd4f3b98a62d874abd8b0ce11df58551d5b4712315401fdf0f4eb230a67486c7c4c7946a01ba706696b1