Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
12-02-2024 17:54
General
-
Target
2024-02-12_e599ce3f5fbaa15d169665445fd1aec1_icedid.exe
-
Size
390KB
-
MD5
e599ce3f5fbaa15d169665445fd1aec1
-
SHA1
814f665fedda6dc6d1b82260a5b121e553daca99
-
SHA256
e3c04d21d51e8f9e3bc34cbd4aea38cb026d57a52cbced6b1248197fadd84144
-
SHA512
07e7235a267d77dcc2724b0cc256b707c0fd62fe69ed9da349b2e99c0a4c205ddbf0c8100c8ce14244cb12055926098e3f8a1c3d55ea8a61c2ba65601108a2bb
-
SSDEEP
12288:DplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:FxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_e599ce3f5fbaa15d169665445fd1aec1_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_e599ce3f5fbaa15d169665445fd1aec1_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Tool\GetDXVer.exe"C:\Program Files\Tool\GetDXVer.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
390KB
MD5cef1a017c2ecf5be0a993dab18fa753d
SHA1dc934859b129ade6244aec12e2a10d26a06838f3
SHA256ea43563d359d499bad85fae808ea60f6a1c85cf367a3c95f16264b55406b6ac0
SHA512846a136fc4bf4953e263fda1a3c5d16d32031e8b0b49f5e6ed7959d1e371b03892a975ad7d5a8c96ee70b92eb051609c99cd63f59c8494eddcca720a2fe3d8fa