Analysis
-
max time kernel
122s -
max time network
144s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22/02/2024, 02:48
General
-
Target
2024-02-22_e9222e3aed7043ec7b5e0cca36c80e76_icedid.exe
-
Size
314KB
-
MD5
e9222e3aed7043ec7b5e0cca36c80e76
-
SHA1
3549000ab1944cade04d3d794c36dbad53605eb0
-
SHA256
86f5f47d4473a7276beb3c0d40e22678a580db355a2d80167f8d2d5c942cd911
-
SHA512
f1065b6f54a83fba3b0500fe2e1d36b7cd742558027d4150d7f5edc875f3d2e9a6990c3d35fd2e17ec0eae2f7b9be0a945ea8593fdd4a303e01e8c69e83153a1
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-22_e9222e3aed7043ec7b5e0cca36c80e76_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-22_e9222e3aed7043ec7b5e0cca36c80e76_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Chinese\Traditional.exe"C:\Program Files\Chinese\Traditional.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
314KB
MD5af12ed305439241c4bfd0d959d8b5fb2
SHA1eb53fe857a23cd9b9cc7a2f3daf84cf3e424a516
SHA256392758b12d215cb198cd998c161296da640098af1cfed9b45331c6591d09126c
SHA51220637a38f70dc46de429cff32bb07f622117886bcd8a0fb9ef15fd130f4c47b4a57642248bcc48d86dea4be5538d740d809cea9ba25680fd6daf9d9f24ef5c9a