Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/03/2024, 23:34

General

  • Target

    2024-03-07_9d0b1ce53c3703ba650cd435f93c267c_icedid.exe

  • Size

    385KB

  • MD5

    9d0b1ce53c3703ba650cd435f93c267c

  • SHA1

    01ab46e0f5e320c3abfad125281725185172c924

  • SHA256

    0f57186f0959d853eca64a056c82d893b179522a0bc384d934c456d1985c8d6c

  • SHA512

    a8de171e938998301ae604ff3343167271c3ee7f3a280e9af20b168b003a221614616538a39685bbcb9cbc30a55c1cb0f37178070e8ae578f4b9bf572902899e

  • SSDEEP

    12288:9plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:fxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-07_9d0b1ce53c3703ba650cd435f93c267c_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-07_9d0b1ce53c3703ba650cd435f93c267c_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files\library\thatcomes.exe
      "C:\Program Files\library\thatcomes.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2224

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Program Files\library\thatcomes.exe

          Filesize

          385KB

          MD5

          4839802a519d48c985dcfc412b8cdf14

          SHA1

          5200ac8c0967ab1984ab626fba1c7dd0a0828f60

          SHA256

          fa8205e5c11f251af1449706ceb9f974db9c84ef910f4a523fd55c1c8df44bbe

          SHA512

          0f65c03d61a948595f751609f7450dc2ab772e29b9e1178c27e27ca235a8299db1c37628f3677f8eb9380bdf39e0e0af3f55a3bac9524f9759f723f6b191d5a5