eadbdab45976fa79b0c3608d10c1fcf6940f3365f0a47c8f4f4497727d72f49a

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 09:42

Target

2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe
Size

422KB
MD5

848ebabca4b687d497bf03f8edd908b8
SHA1

4c91956ca2fb4253da2519a9327c9e257734ae75
SHA256

eadbdab45976fa79b0c3608d10c1fcf6940f3365f0a47c8f4f4497727d72f49a
SHA512

5099fdec1449eb7ae18f239efb0f895a3c335b6fb52e69cffcb4e2459f1a8e46b7d098416dab68ad73de0c63d6c5901f13f09d7d651ff03274448c4521cf66c3
SSDEEP

12288:tplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:PxRQ+Fucuvm0as

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2296	managed.exe

Loads dropped DLL 2 IoCs

pid	Process
2376	2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe
2376	2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\Program Files\requires\managed.exe	2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe

Suspicious use of SetWindowsHookEx 8 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2376 wrote to memory of 2296	2376	2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe	28
PID 2376 wrote to memory of 2296	2376	2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe	28
PID 2376 wrote to memory of 2296	2376	2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe	28
PID 2376 wrote to memory of 2296	2376	2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe	28

\Program Files\requires\managed.exe

Filesize
422KB

MD5
9dde948c0ea985fb64465a93c846fcfe

SHA1
d8a603f22b88eb029088712f279794345eeafc93

SHA256
409d9b4869a93cffe0554605cd58a3dba81f43df0ee45b4b240a728c3a3cca7a

SHA512
efe3a39ea0d7117839a3a5a0c6cba2ceedbaf9be09537e4f83f571f4829f3963311e9d917a395123d6694fa0d6e7cfeba73e8b567307250f9c45d635c3bc4e77

Download Submit