Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
05-03-2024 08:39
General
-
Target
2024-03-05_9eef1e231b4498e0766edea8e0a0fbcf_icedid.exe
-
Size
382KB
-
MD5
9eef1e231b4498e0766edea8e0a0fbcf
-
SHA1
3d4da51b82b528521ae3a86a8d451197f4d9c747
-
SHA256
52ddae73192b8151f2588e667ca55f6770c932d5ace74a3551ac35e88e3c4757
-
SHA512
435587f20cc71800ac10ad68e99c8dad8fecd683711e3e3b03d613646a09d82c54f278f48ed550e9389e68ed10ae4cf0a90b97c70cd3fa883e488b8772279a18
-
SSDEEP
6144:OplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:OplrVbDdQaqdS/ofraFErH8uB2Wm0SXj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-05_9eef1e231b4498e0766edea8e0a0fbcf_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-05_9eef1e231b4498e0766edea8e0a0fbcf_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\require\customer.exe"C:\Program Files\require\customer.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
382KB
MD5ebc0f75a354f8d96c71d96ae6f464dcd
SHA1d38869016d801642a2842ce77e56d715c7f0ada1
SHA256032168e77b0d5e78334be1d745216ef109d1eb56e305eac0ae6e4f21f02da33a
SHA5120f776a99870675cc06a8632ee2aab069ed209590ea4ba5fcd237a8c4b0ea835e44a3e401e1d6d9ccbb112c8bb586201f628a152e8d4c967384eb73349e45f4ac