Analysis
-
max time kernel
92s -
max time network
117s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25-02-2024 17:26
General
-
Target
2024-02-25_1a820dc75cc8e5c938bd0800e2f5f17f_icedid.exe
-
Size
384KB
-
MD5
1a820dc75cc8e5c938bd0800e2f5f17f
-
SHA1
83a8df4d9f09421a255b148a12399f8607d5e873
-
SHA256
71275f25c57f7b5756b3a98e0ed64e81dcbd27aec72bb2e1d973177e85a3bda2
-
SHA512
843d13ba6c7b7ae97a95ca44562fbdf06b52575e050fb6ece37c2528e4883c248f7d15b181b765917a2dccfacbf272e1a735b010326c744c659143d201a1aadb
-
SSDEEP
12288:gplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:8xRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_1a820dc75cc8e5c938bd0800e2f5f17f_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_1a820dc75cc8e5c938bd0800e2f5f17f_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Synthesis\Composition.exe"C:\Program Files\Synthesis\Composition.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
385KB
MD56f35bf903ece4d7a72d9dcea4f10a8f1
SHA19b2e2ef8e151587430bf0a8410f97387063e2150
SHA256d72e9bff8e01f98084890cad74da7da9c2fa9722159d9377ca68e70ee2c88a17
SHA51208441bdf989916b06579ce63bb3d2ead74348f16c7622cac0a3574e8c5e8d13921e3ec35a4df167cd4abfb0c3b4c9cef7154839d4fc17073ef06442cbb19ed3a