Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/02/2024, 16:41

General

  • Target
    2024-02-19_91b8c66cc7b7461df5bfc4b6a5e1a287_icedid.exe
  • Size
    429KB
  • MD5
    91b8c66cc7b7461df5bfc4b6a5e1a287
  • SHA1
    f8981439e8aef5184ce65c1707b7077fb53e9276
  • SHA256
    27a560051fd7b6daaa6b564df4d685dca8e8ba0cc9a82d697ee3b7c0e406aa4b
  • SHA512
    1e9b740652355c5f6acced00a3665af921ad883cb2fbcd365964d9ae490cd2bd8950d4c16500ad52f3c744d0573903915fdc0ba84eaad59be86f2c5c251d612d
  • SSDEEP
    12288:oplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:UxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoCs)
  • Loads dropped DLL (2 IoCs)
  • Drops file in Program Files directory (1 IoCs)
  • Suspicious use of SetWindowsHookEx (8 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-19_91b8c66cc7b7461df5bfc4b6a5e1a287_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-19_91b8c66cc7b7461df5bfc4b6a5e1a287_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:944
    • C:\Program Files\interface\during.exe
      "C:\Program Files\interface\during.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1680

Network

MITRE ATT&CK Matrix

Downloads

  • \Program Files\interface\during.exe
    Filesize
    429KB
    MD5
    2afe878b5ace79c943951b87c2c4878d
    SHA1
    a2eb31b9074c5dc9895bc668ce98ee4e54ae6fdb
    SHA256
    b3b3f95c7f3356af6afc78ddb5462bbee084b91afc5589d0f88c13a877d0e35c
    SHA512
    4ebf83e961c3e68dad420edfe0c9d76aaaba7a5b7b140edbe20660571ae65f6828590565894afd63dd306dec4d40f969592d23bd2e71cc10e7bf69e6874aa1a6