Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
19/02/2024, 16:30
General
-
Target
2024-02-19_3e6188936d14d773754c7da6d498cc9e_icedid.exe
-
Size
278KB
-
MD5
3e6188936d14d773754c7da6d498cc9e
-
SHA1
208ca3e1863e344d198f143ce58baf7ee476ed1e
-
SHA256
f3254f11efaf0b86ce7ded0a84e6dd589609f55e304cfdb98361face98e2c69d
-
SHA512
af71f2644a35f154ed2d8fddee8b907ac1265d9b9375d89c1ca7e699f204615601955930228699cb5a3d083c84e03d48b546ab0fe2d1281aedd76e94f2c6feea
-
SSDEEP
3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_3e6188936d14d773754c7da6d498cc9e_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_3e6188936d14d773754c7da6d498cc9e_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\.exe"C:\Program Files\\.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
278KB
MD54e12bb0363ce9a6df2256b1916d5170b
SHA1ce217c29f898fe41c0a2fd6764e8b7821a7ec7c2
SHA256a18de9259bafc1059fbd9778758b9ca15e103038d0f45d221d67d3566f574143
SHA5128c7419a0fd768ed6c88633c42d10e7c129786feca795488552d24b059f263ebd4e4d8c6674dcf074ff5a1ae7d029c40030ec778686d77067eaabad5fc3c5453f