Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-14...id.exe

windows7-x64

7

2024-02-14...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/02/2024, 02:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-14_0d044c67fd8779bc7047bde4a4c93dc7_icedid.exe

  • Size

    380KB

  • MD5

    0d044c67fd8779bc7047bde4a4c93dc7

  • SHA1

    131fcec0fedd5bd24762d71eb13bccd7f5b2cecf

  • SHA256

    73c0c1526ebfe9a3d39f7d0c428e413a895133ddf7b9dec4a08805328d414a04

  • SHA512

    8044dd0fe5c7bef91fcbf035b00259759856ef12a6b151b360dcfe0fb41dfeb25e399caf6dbbe6e94f6ef63ca23edacfcadfb21ec685ec3bbfbda4c82313fd59

  • SSDEEP

    6144:wplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:wplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-14_0d044c67fd8779bc7047bde4a4c93dc7_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-14_0d044c67fd8779bc7047bde4a4c93dc7_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4640
    • C:\Program Files\root\directory.exe
      "C:\Program Files\root\directory.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1424

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\root\directory.exe
    Filesize

    256KB

    MD5

    2773c38c985e324bbadfcba4503900f7

    SHA1

    568f471fc8e0a90968f0cf8e15d0d7be71a9466d

    SHA256

    3860e5732dd57e61eb45676537b835b38d11e075c5cfdb6b0011f2421b999a53

    SHA512

    f0ce9a80b448462e9ec287c367791be2cc18f7854241889e47fcc713bcd9142fece3c55b9e1a6879c286b4f8645fcfe31ee3b57b10703dfc2d3e043ad8fa937b

    Download Submit

  • C:\Program Files\root\directory.exe
    Filesize

    380KB

    MD5

    bbb12e922b14c01b3dacec3a0dec3d55

    SHA1

    4a24628d238408309c3aa9194aa586846677fa9e

    SHA256

    efd565bfd30467ca346bb29a32cc8328a095a612c6f6be48ff760ac39d06889e

    SHA512

    415337f0b8378835b5c46265e70669e43deacbe11af7d441dc201be9b5f8adaf59df595a0e953f3f76fd68908dce940206f1c91acbdce66d77829fd7af30eba6

    Download Submit