Overview

overview

7

Static

static

3

2024-02-24...id.exe

windows7-x64

7

2024-02-24...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-02-2024 09:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe

  • Size

    422KB

  • MD5

    848ebabca4b687d497bf03f8edd908b8

  • SHA1

    4c91956ca2fb4253da2519a9327c9e257734ae75

  • SHA256

    eadbdab45976fa79b0c3608d10c1fcf6940f3365f0a47c8f4f4497727d72f49a

  • SHA512

    5099fdec1449eb7ae18f239efb0f895a3c335b6fb52e69cffcb4e2459f1a8e46b7d098416dab68ad73de0c63d6c5901f13f09d7d651ff03274448c4521cf66c3

  • SSDEEP

    12288:tplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:PxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-24_848ebabca4b687d497bf03f8edd908b8_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4760
    • C:\Program Files\managed\code.exe
      "C:\Program Files\managed\code.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\managed\code.exe
    Filesize

    422KB

    MD5

    0c6f95c1bd370989318bd4de440ae576

    SHA1

    7f2327b19256c6b379bb71e1b4b67bab664e1394

    SHA256

    b5a69aa70ba2b5b61819b77b602119989999c8512b77150edcffa5ef8a10ceb4

    SHA512

    e5cb6f7ca1e81e56e78aeec3b56a4ef3a95d72ce608fd1564231521160ce8c0fae9d9989cfdd899e34f5fbe56a30223415add68f52e30a639056773a09d823e1

    Download Submit