Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
24/02/2024, 19:43
General
-
Target
2024-02-24_05c05445f02d4c6d3ebe34a308fa5a85_icedid.exe
-
Size
318KB
-
MD5
05c05445f02d4c6d3ebe34a308fa5a85
-
SHA1
2991d00cdae11951f9ebea798637e00354d46e33
-
SHA256
8a2a6f45802fdf16c5b4d3fb38454354882df47f87c00826ddb50c827cde9fc3
-
SHA512
dc3a9656c488e591a4a79452d1c3bf663f1eee7e2466125e3a6ef0c7de36b90f8dee858d4f175d9ac3c26d0d67b5de2ca18b318c7a9c7bd61d207ded91a21cd7
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-24_05c05445f02d4c6d3ebe34a308fa5a85_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-24_05c05445f02d4c6d3ebe34a308fa5a85_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\option\silent.exe"C:\Program Files\option\silent.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
318KB
MD506adbc5334161f878b237536dd0aaa00
SHA18a22f755e7b76d9fee1d2fdda2f8c1960389bbfd
SHA2564ae68d3345f0628aa6a7ad2987aed94db9581d6e4dfb86c2375c8d8e0b1b3a98
SHA512a22af0c8d6737edc31d9fe7b5e4ff45ea1ec38b770f36b71fe8971944806ea0a259246b394a71429f630dda21213673097a5252fd6479ea389e4c2b427d2e511