Analysis

  • max time kernel
    141s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    19/02/2024, 04:48

General

  • Target

    2024-02-19_ee7803a8989c441574ee209eecdd23b0_icedid.exe

  • Size

    429KB

  • MD5

    ee7803a8989c441574ee209eecdd23b0

  • SHA1

    a4cc648670db704482d98c8949205fef76ebf433

  • SHA256

    1b156299aca746907dd27fe6ca200156ded069c84244964753485cce1930cd0d

  • SHA512

    cb5ed68e1b8c7a956ef3dc66fd059a84a716635b9e9e97bf5f5bcefd2816aec4dbf2f6664b3e3c4e341ea3afbab5a51ee8442a525390f9c5e4033462333b7f42

  • SSDEEP

    12288:oplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:UxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-19_ee7803a8989c441574ee209eecdd23b0_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-19_ee7803a8989c441574ee209eecdd23b0_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:5052
    • C:\Program Files\following\Redist.exe
      "C:\Program Files\following\Redist.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1656

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Program Files\following\Redist.exe

          Filesize

          429KB

          MD5

          3f5e8ebb99ebf137042a56a3654e18e2

          SHA1

          a5721e7ebc421c50e4c8d1d0ac1efd2963fb3739

          SHA256

          58d57ef3c2a94c139eb35456a05c7e05ee940ba173a18f8d2bfbe280caa88afa

          SHA512

          815937126dafdcb8103ee1ab8cdacc109c66d06911d94909575fae58fa5cc9216180daa1ad1dd0cbb053eb2deed45f75ff2bbe2ee6cede18db96b0185869aa27