Overview

overview

7

Static

static

3

2024-03-05...id.exe

windows7-x64

7

2024-03-05...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    05/03/2024, 12:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-05_bacec4af0bee58296a73bcb9852b7557_icedid.exe

  • Size

    417KB

  • MD5

    bacec4af0bee58296a73bcb9852b7557

  • SHA1

    a992d6a7faef39ae418032f61b432bfd59108aff

  • SHA256

    81ada2d1225ebd4eae76dd2c7858555138ea1d4d67d7fce91ce621d5120dd99b

  • SHA512

    553fa3b18bea346ec0a1badfb9351a7b3da9ded2a4cbd4cb368f992ed50f3503738301d46c9904614d2326665859ad4135025727d2c05e5764f21f05ef04682c

  • SSDEEP

    12288:uplrVbDdQaqdS/ofraFErH8uB2Wm0SX/Nr5FU:axRQ+Fucuvm0a/

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-05_bacec4af0bee58296a73bcb9852b7557_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-05_bacec4af0bee58296a73bcb9852b7557_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Program Files\meter\requires.exe
      "C:\Program Files\meter\requires.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files\meter\requires.exe
    Filesize

    417KB

    MD5

    f683ef18a1dbaeed5210a0e12b3d02c3

    SHA1

    4c11e56d414b8b7a6ae7f672a36238b444714599

    SHA256

    c473a42eeac3cde923ca2d5c6d08644233aa68b5ee225539f5616d4281415e8c

    SHA512

    6f9365aecdbbcba8bbabcffac3433e84522276cf7a53871603981f5db0f086315b90d4e66aa9e2337e00f89363c15ddf33313ade6b2294419d0d95ae8fdb4ca5

    Download Submit

  • memory/2304-0-0x0000000000400000-0x0000000000573000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2304-4-0x00000000029F0000-0x0000000002B63000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2304-11-0x0000000000400000-0x0000000000573000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2976-10-0x0000000000400000-0x0000000000573000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2976-12-0x0000000000400000-0x0000000000573000-memory.dmp

    Filesize

    1.4MB

    Download