Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 20:06
General
-
Target
2024-02-12_882dab26b1e75711a6b89d06d7655f19_icedid.exe
-
Size
311KB
-
MD5
882dab26b1e75711a6b89d06d7655f19
-
SHA1
20bed9ef7be0b5541c0d513568f2627dc918e5a8
-
SHA256
88abe581844aa456414d54f2bcd2c1760e8fbbf0859c7868807442d0133ed6b3
-
SHA512
922598f1ea15e1d42098173a099b4223ca5ea114d3de80fcb6fda13fb41f65c418dc1465c23797195801b381263724a28a19388ce9eefc9ee06363ae7e6bd362
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_882dab26b1e75711a6b89d06d7655f19_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_882dab26b1e75711a6b89d06d7655f19_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Multimedia\Synthesis.exe"C:\Program Files\Multimedia\Synthesis.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
311KB
MD5c2c090d7b74cb959e01a06a895836f31
SHA10e8b4299362534677d10127af0378d6258b8d2b7
SHA256ecd5b09cbc1632da392e1c453cc813ef09fd3498977e79721061f6a84b2f8039
SHA512ca904e4998d597c62f1d75847544a14ff870e2a56d26ee81a7104dfe752893c77d028e6d63a60e4917f700afd08b53c4ba46bada7df307d46323d219f73775d3