Overview

overview

7

Static

static

3

2024-03-08...id.exe

windows7-x64

7

2024-03-08...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08/03/2024, 08:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-08_b4671d35cda00e3daf35aff72589b977_icedid.exe

  • Size

    430KB

  • MD5

    b4671d35cda00e3daf35aff72589b977

  • SHA1

    71ce4ba1a2763b769145ea03715fe268ba26172d

  • SHA256

    a54f53a16966e12edc78ea40a6ac5d9cb3f2aaffddc0a1b3c5267a7ac671cf79

  • SHA512

    9a32c21eea8614288709dae83050c8c534810ed997cc750eaaacfd4a4f1f9302a94cd6ea94f79530418960b747be8d8dabf8d978d157c0ecf581672088a9452f

  • SSDEEP

    12288:RplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:jxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 4 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-08_b4671d35cda00e3daf35aff72589b977_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-08_b4671d35cda00e3daf35aff72589b977_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files\install\install.exe
      "C:\Program Files\install\install.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      PID:1676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files\install\install.exe
    Filesize

    430KB

    MD5

    998b47f8705fe1ae3669b6bdf755281d

    SHA1

    2e3b45a3eb88af9a240842c8f9b8839ef281818d

    SHA256

    4645063879e96431932b2030dee1cbac91a77c7318d84d7c8f7972306954a9a4

    SHA512

    0cb746c368f14224ae7446acfcf28bc6cdbb331af994eaeb92cc9dab4fe60f35ce61cfe177fae56f75d73bd6d134ac2e5a07837656d50dff71abb1e233879cbf

    Download Submit

  • \Program Files\install\install.exe
    Filesize

    229KB

    MD5

    49198e1640e86e90ccdd6db3fba4e94c

    SHA1

    f2a1c4a6ddb1734e78787529cdf90dd346fd8760

    SHA256

    1f596180054e221186dec15d42830f5023ffdae5b584304c088b8de940ed2b54

    SHA512

    f1c91ce7162b21050ddce72b67dd96fcf0bded3bc20a39e036ae8f69d8d0ad0c523658669624627a6ce33d404362ced818f8101a9edf4dd020582b6631e9773c

    Download Submit

  • \Program Files\install\install.exe
    Filesize

    125KB

    MD5

    70905e92b9d4a352015a26d3c12a966f

    SHA1

    9e6ed83b9badecb2306ba8cfd413083f02b5e97a

    SHA256

    8895095c507b3475b788d23b82090a0d24dfa9cb691e7866ee2d3503284cf942

    SHA512

    0e7e72cc454f26e28bbcd2d85a6637a789330fa9367e1d08e5bffe6c166b3f7ccad8fe8e555a34d537ca79dad578533a83a2f1aae85e1465f2722893372100d5

    Download Submit