Overview

overview

9

Static

static

3

2024-02-20...id.exe

windows7-x64

9

2024-02-20...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    91s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/02/2024, 02:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-20_05875bc73e332d2acfd42392a3edb1da_icedid.exe

  • Size

    6.5MB

  • MD5

    05875bc73e332d2acfd42392a3edb1da

  • SHA1

    206e0448aac43d40f6a34ec65ac97daeec977c9a

  • SHA256

    720ac9386aacbfd78f5cf377db051dc05401b7d8bc0d82f215939d03c3f0b89a

  • SHA512

    b9d6f43b244af931e64a68734c9806b41b3c058b88a077e5efae69ee5a40b48b4f3c5c32bac6235cef20ffab7821cce046f6589f475ecccedc55975ab1685a0a

  • SSDEEP

    196608:4LP1i1dE25MX3YzALrvTnnhuwWA1XSB/D5Y:wWdE25yiW7nnh1WoXSp

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-20_05875bc73e332d2acfd42392a3edb1da_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-20_05875bc73e332d2acfd42392a3edb1da_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1296

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\CyberArticle\240604593.dll
          Filesize

          228KB

          MD5

          afeada1c96da250c149a65078792fea9

          SHA1

          05edf45f6a100a72a5117910ad1fe910aae5c618

          SHA256

          db5d3594ab06b3d458a1472959ba1f703e98104ba94fde6b953697fa83b0a601

          SHA512

          70437bb78f950855c9b1d1597318755c58c8d4f430211aaa9d8829a49bcd11d993b3589cf1581e65ab7c1b40dd94a8b6f1706d9e5f55ee17bb021e2914ee33c3

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CyberArticle\5fae141446aeef59e65044580409a76f.htm
          Filesize

          8KB

          MD5

          5f0b9fbfe549f98e5e34d0be462c4a02

          SHA1

          362a0c5f7482f502f457fb45858abed83643e967

          SHA256

          625df9cf081f1d4a1c216c3100541ddfb82755c3f33015316833e88e307656c1

          SHA512

          fbe863271c7cdbfb6b9a682cf5c8dd52259e83b1d3f58df3ca3c398d97c74ac2d07707f754d46d27e3703b49f2f5182093fd95967f3e1428f01b28b384ef605b

          Download Submit

        • memory/1296-5-0x00000000750F0000-0x000000007516A000-memory.dmp

          Filesize

          488KB

          Download

        • memory/1296-6-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-8-0x0000000074D90000-0x0000000074DBC000-memory.dmp

          Filesize

          176KB

          Download

        • memory/1296-7-0x00000000750F0000-0x000000007516A000-memory.dmp

          Filesize

          488KB

          Download

        • memory/1296-9-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-10-0x00000000750F0000-0x000000007516A000-memory.dmp

          Filesize

          488KB

          Download

        • memory/1296-11-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-12-0x00000000750F0000-0x000000007516A000-memory.dmp

          Filesize

          488KB

          Download

        • memory/1296-13-0x0000000074D90000-0x0000000074DBC000-memory.dmp

          Filesize

          176KB

          Download

        • memory/1296-14-0x00000000759A0000-0x00000000759C5000-memory.dmp

          Filesize

          148KB

          Download

        • memory/1296-15-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-17-0x0000000074D90000-0x0000000074DBC000-memory.dmp

          Filesize

          176KB

          Download

        • memory/1296-16-0x00000000750F0000-0x000000007516A000-memory.dmp

          Filesize

          488KB

          Download

        • memory/1296-19-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-18-0x00000000759A0000-0x00000000759C5000-memory.dmp

          Filesize

          148KB

          Download

        • memory/1296-20-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-22-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-21-0x00000000759A0000-0x00000000759C5000-memory.dmp

          Filesize

          148KB

          Download

        • memory/1296-23-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-24-0x0000000075A00000-0x0000000075AAF000-memory.dmp

          Filesize

          700KB

          Download

        • memory/1296-25-0x00000000761B0000-0x0000000076763000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1296-26-0x0000000074E40000-0x0000000075050000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/1296-27-0x0000000075CC0000-0x0000000075DA3000-memory.dmp

          Filesize

          908KB

          Download

        • memory/1296-28-0x0000000074D90000-0x0000000074DBC000-memory.dmp

          Filesize

          176KB

          Download

        • memory/1296-29-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-30-0x0000000076CA0000-0x0000000076D7C000-memory.dmp

          Filesize

          880KB

          Download

        • memory/1296-31-0x0000000075A00000-0x0000000075AAF000-memory.dmp

          Filesize

          700KB

          Download

        • memory/1296-32-0x00000000761B0000-0x0000000076763000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1296-33-0x0000000074E40000-0x0000000075050000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/1296-34-0x0000000075CC0000-0x0000000075DA3000-memory.dmp

          Filesize

          908KB

          Download

        • memory/1296-37-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-36-0x0000000074730000-0x00000000747A4000-memory.dmp

          Filesize

          464KB

          Download

        • memory/1296-39-0x00000000761B0000-0x0000000076763000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1296-38-0x0000000075A00000-0x0000000075AAF000-memory.dmp

          Filesize

          700KB

          Download

        • memory/1296-35-0x0000000074D90000-0x0000000074DBC000-memory.dmp

          Filesize

          176KB

          Download

        • memory/1296-40-0x0000000074E40000-0x0000000075050000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/1296-41-0x0000000074730000-0x00000000747A4000-memory.dmp

          Filesize

          464KB

          Download

        • memory/1296-42-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-44-0x00000000761B0000-0x0000000076763000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1296-45-0x0000000074E40000-0x0000000075050000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/1296-46-0x00000000759A0000-0x00000000759C5000-memory.dmp

          Filesize

          148KB

          Download

        • memory/1296-43-0x0000000075A00000-0x0000000075AAF000-memory.dmp

          Filesize

          700KB

          Download

        • memory/1296-47-0x0000000074730000-0x00000000747A4000-memory.dmp

          Filesize

          464KB

          Download

        • memory/1296-48-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-49-0x0000000075A00000-0x0000000075AAF000-memory.dmp

          Filesize

          700KB

          Download

        • memory/1296-50-0x00000000761B0000-0x0000000076763000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1296-52-0x0000000074D90000-0x0000000074DBC000-memory.dmp

          Filesize

          176KB

          Download

        • memory/1296-51-0x0000000074E40000-0x0000000075050000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/1296-53-0x0000000074730000-0x00000000747A4000-memory.dmp

          Filesize

          464KB

          Download

        • memory/1296-54-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-55-0x0000000076CA0000-0x0000000076D7C000-memory.dmp

          Filesize

          880KB

          Download

        • memory/1296-57-0x00000000761B0000-0x0000000076763000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1296-56-0x0000000075A00000-0x0000000075AAF000-memory.dmp

          Filesize

          700KB

          Download

        • memory/1296-58-0x0000000074E40000-0x0000000075050000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/1296-59-0x0000000075CC0000-0x0000000075DA3000-memory.dmp

          Filesize

          908KB

          Download

        • memory/1296-60-0x0000000074D90000-0x0000000074DBC000-memory.dmp

          Filesize

          176KB

          Download

        • memory/1296-62-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-61-0x0000000074730000-0x00000000747A4000-memory.dmp

          Filesize

          464KB

          Download

        • memory/1296-63-0x00000000761B0000-0x0000000076763000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1296-64-0x0000000074E40000-0x0000000075050000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/1296-65-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/1296-66-0x00000000761B0000-0x0000000076763000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1296-67-0x0000000074E40000-0x0000000075050000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/1296-68-0x0000000000400000-0x0000000000712000-memory.dmp

          Filesize

          3.1MB

          Download