Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
11/03/2024, 14:23
General
-
Target
2024-03-11_03604f02f793cb121eb3713bd202ab30_icedid.exe
-
Size
314KB
-
MD5
03604f02f793cb121eb3713bd202ab30
-
SHA1
288e5dc6a61b602fb5001c1aa6c475ca811ec7aa
-
SHA256
53ec4938dec755833a567b685cade312884dae0c90b64f623a7dabef8aea34d0
-
SHA512
0859043f772c162a810b8611ef18ee996cf96225a4f30cbd9181dbfd34e52a35c967867dde69b7b66f492e2cd0ee391c4dd61787b60759e7f4a87211f9d5f17e
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-11_03604f02f793cb121eb3713bd202ab30_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-11_03604f02f793cb121eb3713bd202ab30_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\callback\customizing.exe"C:\Program Files\callback\customizing.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
314KB
MD5486bbf5115c909fc1f806b985b363cc6
SHA14035643fb0187b28799ce62f2a0e90b3d42354cd
SHA25605ee7fd140d6ce9bb49cbbe4248a2de79b4541278c250de3fa835cf2899c928e
SHA512af194379eeed2e66f5293c48875cf2cb6ebb00e78b653b637aacbe34c15a99c60d482a4e73a99884ba7babb1abc3077cd4817ca4983046ffc82010ab0ff66f40