Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
09/03/2024, 03:05
General
-
Target
2024-03-09_e5d8d7ab76a07905ca93692fb19dfa9a_icedid.exe
-
Size
315KB
-
MD5
e5d8d7ab76a07905ca93692fb19dfa9a
-
SHA1
b47cd14a27e02546398604e564822a4879263bc3
-
SHA256
f04ea25b4437853abd06e8b128054b0afddd12cb226b99399998bee9c5210575
-
SHA512
2162d21ddbce1e236a421580f47913fe1913f43354a00f57db597a7fdb09639c231f5739bc3dcd00a196d252549f3f65fbdc96670d249381d4cb39d761ba5622
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-09_e5d8d7ab76a07905ca93692fb19dfa9a_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-09_e5d8d7ab76a07905ca93692fb19dfa9a_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\customer\component.exe"C:\Program Files\customer\component.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
316KB
MD51e4d7d8722e99a4415e1e3029acfda54
SHA1c3f63bb01f4fa7306c16ce5b82d23855c7447a64
SHA25629f03134a2ff2c345f00bb619afd901ac7bda5192afb5a6be4f9f9aec88691b2
SHA5126af4fc4f13759b501c8aa22c6ebffd27797dcd260520715756a07ed30d4c8bfcf17a955998c9362bafd15732e5dbd8ca8bcf8946893e3e8b624cd7afbc47a85d