Overview

overview

7

Static

static

3

2024-02-21...id.exe

windows7-x64

7

2024-02-21...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/02/2024, 12:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-21_928ee57dee089ec2d55fbd9c634e11de_icedid.exe

  • Size

    426KB

  • MD5

    928ee57dee089ec2d55fbd9c634e11de

  • SHA1

    b7862db94f35001e54befbb59b2556215de8c03d

  • SHA256

    93c72b349b7284ac6a1167fc6faab7c341799403a7c764a23076c8210402611a

  • SHA512

    58db05f3125bc280e67c7ac16da2fe6dea66ff82845b7f1ddaf371261ccd80b92fbe40923e0a0a7df47802bf46c13abfa9d44aca38a2a12297ab0bc472162381

  • SSDEEP

    12288:gplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:8xRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-21_928ee57dee089ec2d55fbd9c634e11de_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-21_928ee57dee089ec2d55fbd9c634e11de_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:228
    • C:\Program Files\distribution\dependant.exe
      "C:\Program Files\distribution\dependant.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\distribution\dependant.exe
    Filesize

    128KB

    MD5

    ab9399981bea0b328a24f577fa34e7be

    SHA1

    11a7671d22253b76b4809789c8638cb52ceabafa

    SHA256

    4a841c4c25502c86bafab3cc46e8077ebb8d3b1eb54cdb9ddc893fd290cfb369

    SHA512

    51dfeecf394f3eadcb87a40347116bb61b51cfc51be639692fa204581ea17d2a04cfd829a4ee6718ac76d3070784f60d99ec167825d6df2247a1a50d1c76cc1d

    Download Submit

  • C:\Program Files\distribution\dependant.exe
    Filesize

    426KB

    MD5

    4c930683c5bedc922de70c310dbf5a95

    SHA1

    697f6b04177d14d0956fc3a448c3c8c542db3fd2

    SHA256

    148029107c66116af541f9ed3e27eb0b35a4407ba2639f35712aecb477ab5b49

    SHA512

    8c40750c50833d59064f8183751cb4e85998dcb044b4eccbedfb5a6e14cb25c66c54c3df705eae6a7c8c37dec3caa531dec29e4a6bf0b2bc7b7bba6c3cc62511

    Download Submit