Analysis
-
max time kernel
148s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
28/02/2024, 22:26
General
-
Target
2024-02-28_657a7ebcc6578f2b98c4b1c4ae0f3443_icedid.exe
-
Size
319KB
-
MD5
657a7ebcc6578f2b98c4b1c4ae0f3443
-
SHA1
fd2f6574e4610edeee38ee87acc63703de5a3c5c
-
SHA256
d083d057d58b411b15b076086d71ff3a772012d5e4f6f1d6229f420145db60c7
-
SHA512
d236482cf83baebfee9de639a215d4a762c40a2dd7a21a76d67057d42204b6bff2a78af3015c2f0b0aee02616c00660409029dcfde0f2567fc6b3dd1f44d599c
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-28_657a7ebcc6578f2b98c4b1c4ae0f3443_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-28_657a7ebcc6578f2b98c4b1c4ae0f3443_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Trip\Multimedia.exe"C:\Program Files\Trip\Multimedia.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
320KB
MD5b6a19d594d36f261c73d90c20486590e
SHA1cbddc2e6985edbc85a4c3e09ab4968513fe27619
SHA2566e4d783bd92f0384e8376185d211fab39dfe5373c8dbc84b144e5b93abf2cc3a
SHA512309ca313f0a952d25c32b0c455848ce7fd18ac09bcce4ccaf6444d6e0c6041042745060dbe68c386c9f2efc1b03ba7b51d9f115728ba13f4622d10210866bcc2