Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 19:33
General
-
Target
2024-02-25_76ab95bcb774dacfa6d5643aaa74e087_icedid.exe
-
Size
266KB
-
MD5
76ab95bcb774dacfa6d5643aaa74e087
-
SHA1
b13c688ec83f09d2d611bdc315b25451525f966e
-
SHA256
b905bc9a8a13d9f61a730823bab56699a474e154974636001e5576178f38e5e3
-
SHA512
30baa3013be7203db4c05be0f7b9e5ef1bc4f4fdec306137a8e0fc5004402f371a0c0e206096b738f09fd2f355257f306d16dc6f092128699da76a21293aeff5
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-25_76ab95bcb774dacfa6d5643aaa74e087_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-25_76ab95bcb774dacfa6d5643aaa74e087_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Debugging\Internals.exe"C:\Program Files\Debugging\Internals.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
266KB
MD51f6a546ce6d8196bc16ad3d1a37be57e
SHA1d33f47fa3dc98090143b24d77c39e043a1989723
SHA2564cdd2bb4e15d9a90702fc9a203ca3125918c4fd61bacdfb5cd0ce7561ce20ed3
SHA512be7b36991c02e7c53d0ec7a95756184f2fc075acf6dc354a40f9b2819bf10d71001b3b24dd79a4ad7fe22a54cf701727930082bc8b64883cdb394e2874ea18ee