Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
19/02/2024, 16:53
General
-
Target
2024-02-19_edc80adf31ae2d41d64018f9d7b9a68c_icedid.exe
-
Size
276KB
-
MD5
edc80adf31ae2d41d64018f9d7b9a68c
-
SHA1
ddcad890580709bcfd94f99c12a8be4a1c23b9d2
-
SHA256
5bdbfd54ce08f66347bf905a41734783fcdcff9701b65a25d72b05ec7d5344c3
-
SHA512
bf445d6e6269e94e56f604dd2bc9f16029e10a06c31f636d831250915c753276e1f35dc69b76e3c7e91504434d961aff1226bb06339870e755a890f317ab6f23
-
SSDEEP
3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-19_edc80adf31ae2d41d64018f9d7b9a68c_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-19_edc80adf31ae2d41d64018f9d7b9a68c_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\handling\interface.exe"C:\Program Files\handling\interface.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
276KB
MD51d1f71fc60b14d3b00d412c7f9b97d3f
SHA1dc3a3e00c7659fff67883e948c7416ec7b9b38ed
SHA256fa9a9c79a7b3d5e9a1614fbd79ddc7247894b1212a563c70d192811c03cf2c00
SHA5128e0b9e9601dc9f6d36b475f9643d06c14fdce074bb54a3d64ce49518d4188bc160b5b16e798b576eea50b06d13b5a5340ef2f9c53c2a748f189a809ea294ae08