Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04-02-2024 12:28

General

  • Target

    2024-02-04_36840a9cc5581b9bf80641fd879f6b02_icedid.exe

  • Size

    428KB

  • MD5

    36840a9cc5581b9bf80641fd879f6b02

  • SHA1

    2316b2c7117d32c6917dae857438bcf979519979

  • SHA256

    3e3e33602f8b32636df1e8207ec13f5a4151f03607d41fab7b87c4fa63d58a26

  • SHA512

    3969318eadc0c1d74d649492a5551d34d956e5664d3d0cc542bfdd76b0c3d0b34b3f292a92fcf8618b17ceae0372867be7983eb11a8e5ee1c24e4a0316d10180

  • SSDEEP

    12288:u6plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:zxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoC)
  • Drops file in Program Files directory (1 IoC)
  • Suspicious use of SetWindowsHookEx (8 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-04_36840a9cc5581b9bf80641fd879f6b02_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-04_36840a9cc5581b9bf80641fd879f6b02_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1180
    • C:\Program Files\withthe\provides.exe
      "C:\Program Files\withthe\provides.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3924

Network

MITRE ATT&CK Matrix


Downloads

  • C:\Program Files\withthe\provides.exe

    Filesize

    428KB

    MD5

    1234e507d2e5e796148ec7c2339ff3b1

    SHA1

    065dacb361564c839fc817c2e0bc9a11563e5ad8

    SHA256

    53231f67edffb916427c0be3cd56198bf93e117e8b12e61f69ec299c55ae84d3

    SHA512

    5e188e3a8829be69bbec2d2c2043e523f86b990c8664e26c6d66df2596d620e8d6750c75d488ac2ccbc78211e32daac4b689fb46c20c5ef2b25df4224348327e