Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
10/03/2024, 06:28
General
-
Target
2024-03-10_3a6bd999029c6f00587ff139c0db9351_icedid.exe
-
Size
266KB
-
MD5
3a6bd999029c6f00587ff139c0db9351
-
SHA1
b6d7f6803710a698b1a4d2628d3470a2f6cd1e8b
-
SHA256
b7f6323103de0b27ddabd64a4c1430632e5d90c7bcf7c3c841a4ce87f1228992
-
SHA512
c0fc55d96731b327373e71915c405722ba28b2108de27e91f4bff71c79294f36d7d0951af63665cc3adb4379c3fb7deaecd687461c3a4e638332ff3d4823f2e3
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-10_3a6bd999029c6f00587ff139c0db9351_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-10_3a6bd999029c6f00587ff139c0db9351_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\build\match.exe"C:\Program Files\build\match.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
266KB
MD51d219217289f5b7c78d5f74bb5cdc058
SHA150bd9bf97c2fe225ca1557187c5c6650a15f25bd
SHA25643ddef834bafae818884fc22d13a158984db1a44a2048ca28e69058d9a91c8a7
SHA512d7e8052408ccdec403f9ca0872811dd2181c8df1bb33221b70d7aea2ef856f8253ca3400f41c9a5cd28520dbb41f04e785bfbde81afacb6a23cddac5bdbe60b1