Analysis
max time kernel: 141s
max time network: 127s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
submitted: 12-02-2024 19:59
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
Resource
win7-20231215-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
2 signatures
150 seconds
General
Target: 2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
Size: 1.3MB
MD5: 5a5aad05cdc8038e9138656108db13b5
SHA1: 774abb153e98311551c4c9fc0af444cb168b745f
SHA256: 924da07d9e81cbb7f9c13b7590a079efc83d69d59fb765fda24dd14ad2bf99d6
SHA512: 985e234c34183f013d28c7a64230c10db913de8f053d6952ad3a656680f870f9a57459b580e85f0864bf7afc64c388750dcb5ada9dce0ba0cb88bbacb2ac9ad3
SSDEEP: 24576:9XaRicFDnikUa0BVdybnnavdZmVESwGMx0/J202Gu:h6ikU0bnaTmVESGIJ202
Score: 1/10
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
pid process
2528 2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
Suspicious behavior: RenamesItself 1 IoCs
Processes:
2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
pid process
2528 2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
pid process
2528 2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
2528 2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
Processes
C:\Users\Admin\AppData\Local\Temp\2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe
"C:\Users\Admin\AppData\Local\Temp\2024-02-12_5a5aad05cdc8038e9138656108db13b5_icedid.exe"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious behavior: RenamesItself
- Suspicious use of SetWindowsHookEx
PID:2528