Overview

overview

7

Static

static

3

2024-02-17...id.exe

windows7-x64

7

2024-02-17...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/02/2024, 13:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-17_ac633dfb306da839e34373106c404158_icedid.exe

  • Size

    381KB

  • MD5

    ac633dfb306da839e34373106c404158

  • SHA1

    821c6439642747e8c2f2844fc42efdfb562deacb

  • SHA256

    f70d483c7594ddec9f39d654e82a528e975c6bd781e05d44a8218c6cb7374bfa

  • SHA512

    e6077ed939b95abc52dd0bc4b2208566c663f1d3b0502514c556b2a4e6f5650c27c41dbab47c6614d133d7314aff8c50d1e2a88406763cfc5e427e376eca1418

  • SSDEEP

    6144:lplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:lplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-17_ac633dfb306da839e34373106c404158_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-17_ac633dfb306da839e34373106c404158_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3360
    • C:\Program Files\English\American.exe
      "C:\Program Files\English\American.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\English\American.exe
    Filesize

    382KB

    MD5

    7013db55f6327e022f39c0f8d2f8f94a

    SHA1

    b317a69ac2e7bd9475a0265b85ce273362b86053

    SHA256

    fd0ef6509365ada0518c3a3564989458aadb07b3841c66e682df4b60bfb401e9

    SHA512

    b19a8e8ac3f4125310bc884c70cc03fa04d52f7faab4f1cc8d7b148ba3c1cdafc7ca4b349879ac42b1d8fc315951bae9cf3baac29bf1c326787526b554768e3e

    Download Submit