Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
20/02/2024, 05:51
General
-
Target
2024-02-20_6a3bea0947b389b3b87329efa3585fe0_icedid.exe
-
Size
383KB
-
MD5
6a3bea0947b389b3b87329efa3585fe0
-
SHA1
86c11d746e37ab6e965b095f7c45c800b471c591
-
SHA256
f600f290132ace6c3bd5900aba9bb067741681bceaf4af90cb159089d3825d67
-
SHA512
8d044d219a0d229f8162e1c0d6ae722268e34ccfbd5cb05423fcd0d2a39476b86b29526a03a5eef4081b63445eac3017a1a4deefc6d98e5fa65de2a7ebab2b79
-
SSDEEP
6144:ZplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:ZplrVbDdQaqdS/ofraFErH8uB2Wm0SXj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-20_6a3bea0947b389b3b87329efa3585fe0_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-20_6a3bea0947b389b3b87329efa3585fe0_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\provided\obtains.exe"C:\Program Files\provided\obtains.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
383KB
MD523cd692a8f0c01bdc39463393571b945
SHA1fa8b9a5469e48a999c6e0384c83eeeb84f02568e
SHA256efbba53727817c37f978bf94685a0d3d5b226fa17c5d7a6af19953b5a698a241
SHA512b18c8bdd991e8052f8d7eb6777b646cd2eb73f0e3905a6ec9c82d0bd0a53f0ed5a53d4ca4ae49ffc15da31181dc06f74805869d9d7c2940a1ea40d7c0cec31fe