Analysis
-
max time kernel
144s -
max time network
160s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
27-02-2024 21:24
General
-
Target
2024-02-27_11d757f6a823de890d7c930f0ec5e7ef_icedid.exe
-
Size
383KB
-
MD5
11d757f6a823de890d7c930f0ec5e7ef
-
SHA1
698287dfd0b1c4a1c8cbbdf97cc7466a97c7dcb4
-
SHA256
ff91389099b4f8f0e6c31fecae03395ff006c3e06c3fdbfd287103762a5f569d
-
SHA512
2a21f4484337e389ad4e44edca38337ff4a244d1092cf551183275ea035be2e1066f86bdcd2f4b26cdab0bafe4a44ed819c55062433e653381a8871d4e682369
-
SSDEEP
6144:4plrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:4plrVbDdQaqdS/ofraFErH8uB2Wm0SXj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-27_11d757f6a823de890d7c930f0ec5e7ef_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-27_11d757f6a823de890d7c930f0ec5e7ef_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\upgraded\conforms.exe"C:\Program Files\upgraded.\conforms.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
383KB
MD5f2d4c42b2b2d2bfe322c648a7982c668
SHA1ebfaf734a5534f35f49d46f6834f797c18825b91
SHA2561817c00014eca9b60bb50cc91e4616b465eacd3bbabff788bf0bd49300b44cbe
SHA512069ec64227aa7cfb94af4fb38d55cee5b5a4a0faeed774ed21b0298144567ba04ac5efb2b88bdd34c89607c69837b4ec3ba7a485d86fc6dc25a906edbc1c0d78