Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/03/2024, 05:59

General

  • Target

    2024-03-06_63f3b3754dd032cebee8f06de3331907_icedid.exe

  • Size

    431KB

  • MD5

    63f3b3754dd032cebee8f06de3331907

  • SHA1

    95425c2400e513cfa6d8698e47ccf4a5180aae35

  • SHA256

    b7a1f9c68b4fdd00179067af924e8c531e60cf918b30a63d0958f18c42c38a6d

  • SHA512

    c68c27ca1246aa1dcf10d5c3d09c5ee89a3789e7f5163daa95409016888c4bb7345e9d68bc5fee8be62a72817311eb83f14404e727ec2a65bc421e38ae950230

  • SSDEEP

    12288:oplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:UxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-06_63f3b3754dd032cebee8f06de3331907_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-06_63f3b3754dd032cebee8f06de3331907_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files\Schirmer\Addison.exe
      "C:\Program Files\Schirmer\Addison.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3056

Network

        MITRE ATT&CK Matrix

Downloads

  • C:\Program Files\Schirmer\Addison.exe

  • Filesize

    431KB

  • MD5

    f372a37674e279098887f6ad8de8db51

  • SHA1

    9273ac23bcd56581684d37ae7cb39323af46d13a

  • SHA256

    adeab0d4a3e72083eba73ceb56e752324640263dc42ea3b28334f6738f8cbc17

  • SHA512

    6b92dc20353d8bbc5598896c9f152fd9aac5a2dfa70e99b66dfc15a5d143000a4b0173a5edb74cb9b72867e76f6935c96827527e2817f84956ec900f7f5c4271