Analysis

  • max time kernel
    147s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240221-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    22/02/2024, 14:28

General

  • Target

    2024-02-22_fd855a6cda83b1b44735a3b9477208a3_icedid.exe

  • Size

    381KB

  • MD5

    fd855a6cda83b1b44735a3b9477208a3

  • SHA1

    f02ee5d2e294bc7f52c9fff51b89db1881ac3983

  • SHA256

    e684053e1ef71a662e2711ec570e27c158444bc09382390f1a8c7b6e188ce6bc

  • SHA512

    98e20a9384729dd652657c2e01dfb89eebd61657c8c4171b2ef7f06fa414ac42f0ba91b61172940a936138ee0eb6be24bf331556578d11fc514384707d24311f

  • SSDEEP

    6144:0plrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:0plrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-22_fd855a6cda83b1b44735a3b9477208a3_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-22_fd855a6cda83b1b44735a3b9477208a3_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1208
    • C:\Program Files\having\towrite.exe
      "C:\Program Files\having\towrite.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4396

Network

Downloads

  • C:\Program Files\having\towrite.exe

    Filesize

    381KB

    MD5

    14905925b259b0c69791b59789f64b08

    SHA1

    9ad56bd8041a9b987b186ceb9554215aa5546900

    SHA256

    f0533ba9584477dc8af167a64a0ca0582bdd2977f5c61e486fa74c46e69e70e2

    SHA512

    0d1a89ed7aaf286ab26ddd671ae807b6d2800b8397b5c9669b329df8b5393d3ad07652298191fb473fbc4f9de59b4ed8e696cd1cddecf937fbc947e02eb0279f