Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-02-2024 15:53

General

  • Target

    2024-02-25_d615d314c233a2eaba100d8dcf2114b5_icedid.exe

  • Size

    391KB

  • MD5

    d615d314c233a2eaba100d8dcf2114b5

  • SHA1

    6156fabe9339bafa89ac74ed76dfaf6b3b28d7ce

  • SHA256

    7abb664ba30534e0b40709d882a285e57c1083088e3f4e54a441a1511ddb8e68

  • SHA512

    3f36dead12be77d764fdb9229444b89b6eacaf6273b3cd9afca31c635ba32e8dd0bc7cbebc28eafdc217a113f9b81dcff5732f85fbeb104dd86b48f8a45ba1fb

  • SSDEEP

    12288:LplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:9xRQ+Fucuvm0as

Score
7/10

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 4 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-02-25_d615d314c233a2eaba100d8dcf2114b5_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-02-25_d615d314c233a2eaba100d8dcf2114b5_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2484
    • C:\Program Files\Windows\installation.exe
      "C:\Program Files\Windows\installation.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      PID:2732

Downloads

  • \Program Files\Windows\installation.exe

    Filesize

    391KB

    MD5

    7433869f94b3f0487237ac2e02117eb8

    SHA1

    be408c1003b90c755e9f5dda724d71b1e7e24397

    SHA256

    7057e71b91be9cc3a0f33cc708f8443d505a42f426586fd34f9fa313b190db81

    SHA512

    166307f23ed77c4b9865b26ec42c460c23988b3118ee09a8374aeff79b4a0d279e1431d240adde1bd80323a50516a087cf50c805c31a6790b3f8845f1fe27a30