Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 20:08
General
-
Target
2024-02-12_981577bcaef1af31121c08b7f2aec551_icedid.exe
-
Size
383KB
-
MD5
981577bcaef1af31121c08b7f2aec551
-
SHA1
6cdbf997d0caf8e46dece917ab14eb3c57b77bb6
-
SHA256
54d1ac6a447e752db74a51d11fd0a3030a47316ec70f7d99959861a31895464e
-
SHA512
2c8eb1c5f1498e0b8a6b086ff9cf813d154eefd187eefeb43d248e5222410327e130b4b9b8e94bc51fee90244ee726e35972cd48b2cc128889b24c8f2e0d78d7
-
SSDEEP
6144:fplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:fplrVbDdQaqdS/ofraFErH8uB2Wm0SXj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-12_981577bcaef1af31121c08b7f2aec551_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-12_981577bcaef1af31121c08b7f2aec551_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\requires\managed.exe"C:\Program Files\requires\managed.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
383KB
MD56b4da6b0143e3648cf1f854101e104f5
SHA1b41c55a51855efc3e5ef4bab6f1f7044e6305754
SHA2563964f2a17c5e607fc822a8849239ff18e9fcbf9ec27cb7fe542bd4e6e2fd4d3c
SHA512b63e947f9b46cc7136a3d28858f51c8cf9713b5fa069b77ef209c0fa750c98e23550de9731121784bd5eb3e510e18e7edd51d0eceb3e03e0748e99178609dc5a