Analysis
-
max time kernel
120s -
max time network
141s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
08/03/2024, 13:42
General
-
Target
2024-03-08_1c317b92e5e1fed3b8dfddcc9d74da58_icedid.exe
-
Size
422KB
-
MD5
1c317b92e5e1fed3b8dfddcc9d74da58
-
SHA1
cd94ada53a3894f7702f4cb958222d843f1bb043
-
SHA256
89cfb2883944224e297524ba93da8deb496899681a22048504ac3f12380f033a
-
SHA512
9f14f5727dc3e58b53e8b649f4e094ad264780f71c3cdcdf645d8c8d26a6c02f9743315416cbf71790443590bd7dfa49fb4036ed3f676ca1926547bbd92e5d19
-
SSDEEP
12288:BplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:TxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-08_1c317b92e5e1fed3b8dfddcc9d74da58_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-08_1c317b92e5e1fed3b8dfddcc9d74da58_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\instructions\Redistributable.exe"C:\Program Files\instructions\Redistributable.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
422KB
MD5b78dde42d5ac3198ae020939a53baa89
SHA1a82dc1561badb647c87e73c2a0f5ff5499e84521
SHA25660e55ff80b7563659166698ab92322c91c036dc858d096e7ccff7fd761030ed3
SHA5122fecd6db4d0a86b2e6c9275ae9b7400a9f4211d7bff95b9467b8d23c08ba140b242390a8aa3ca532afccf8acb4c7204324ef31d2cb14efb35b52422b441f6cb7