Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
11-03-2024 23:30
General
-
Target
2024-03-11_8a61c34ad8b2bd52014aeed37fc8e1f5_icedid.exe
-
Size
269KB
-
MD5
8a61c34ad8b2bd52014aeed37fc8e1f5
-
SHA1
c82a3104776cfc547fc04168045a1b1e9bb68a69
-
SHA256
b09e5cf15200e0668e67e843c76409625297c436a2a731be3f4be16a075c5c97
-
SHA512
7d83ca149e1291966dfacbdfc0077a2660ae6736ca05646522743ee85578b7c51b5387efa8e2f880385e233665dccf0dcee917baab7b6f2a400c5ccfc6b293f4
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 4 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-11_8a61c34ad8b2bd52014aeed37fc8e1f5_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-11_8a61c34ad8b2bd52014aeed37fc8e1f5_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\contain\Dsetup1.exe"C:\Program Files\contain\Dsetup1.exe" "33201"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
269KB
MD5d71de227441e96f4cf3a6e052749b719
SHA1af93fa38a0dfdc1c3fb898858e833fcbd4c0f5aa
SHA256e066bd317ad653402257cc17a00aec413513033ddb5cb2e125e279e8f1cc1a87
SHA512ffd94495b0714fa6df7f29f30439b9dc92c21b2673e5b474e89265b05f0a09460550f9f21a8b986174da383244da8dbdb65dce2a1dd70939e292a3de477266c3