Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
144s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25/02/2024, 00:45
General
-
Target
2024-02-25_90d81396941c968c4fced3969b8610ef_icedid.exe
-
Size
391KB
-
MD5
90d81396941c968c4fced3969b8610ef
-
SHA1
a7ba0de687ba5ddb388607718c751fca22e0f2ff
-
SHA256
b61c922d0f5c8d295b07b84a99e99aea2d7dc25e385469dbc0a23e3d2f2f361b
-
SHA512
875f14da29e124e04d55ec8f503f7457ecd465ba3fa837ea35cf5a428d0016b4f89404e21a274eaa70ffeceabea7178fbf180bb7ee9375b70d475c7aae795802
-
SSDEEP
12288:2plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:SxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_90d81396941c968c4fced3969b8610ef_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_90d81396941c968c4fced3969b8610ef_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\customer\component.exe"C:\Program Files\customer\component.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
391KB
MD5ad9b202a23fa0b3e2b89ca8c25bb912c
SHA15e4f6f0ff5ef82e039988c2748124aca54cbb0d7
SHA256d9db7de250dfe49f0f9e415c1f1a3dc5a25df0cd4b72a0eb1e75a13686e082c4
SHA512daf3d34916297a34456350c2c0f3f2c97f7fcb9b66b5fe4c26ca10a09ff77cb93961de6c4594c314a19e5f2499ff65c03561914a6cd5547cb74dbd410a2246fe