Overview

overview

7

Static

static

3

2024-02-23...id.exe

windows7-x64

7

2024-02-23...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/02/2024, 20:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-23_6af15de2515d54e6887f067074fe0a14_icedid.exe

  • Size

    384KB

  • MD5

    6af15de2515d54e6887f067074fe0a14

  • SHA1

    5e6b08af7f2d696a2931c569f8653ee6355f3b25

  • SHA256

    c102166f8d840b3df8cd7204bd558839aafaae393a091abe793edd36d4d9e443

  • SHA512

    f7dbc92ca049bb1694460e752d7f59fbf2fd8799c9c8e900a751db91c4e343c29b3a8e44c83fc6099e85e29fa7a7533cbaa296432ef1790bc622f3953b46c81e

  • SSDEEP

    12288:ZplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:bxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-23_6af15de2515d54e6887f067074fe0a14_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-23_6af15de2515d54e6887f067074fe0a14_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:244
    • C:\Program Files\MessageBox\upgraded..exe
      "C:\Program Files\MessageBox\upgraded..exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\MessageBox\upgraded..exe
    Filesize

    384KB

    MD5

    20bfcd015f6e5c919a4cb1fbbfb7e189

    SHA1

    3a51c59bb5e9d489e226d329808cc6600ef79683

    SHA256

    07d0865adb4e30cc4ed2b083771530add3b26949b8dc4efac2597d0bbb3fff65

    SHA512

    6b909cdd28a28510ab4140b9b0aa4e3e2979dbb8933fc605f6cd58a484f64749b305574315c8f4752283c4c6c2de50e906f59be5c57bc4805bfded45d726f317

    Download Submit