Analysis

  • max time kernel
    156s
  • max time network
    164s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12/03/2024, 03:30

General

  • Target

    2024-03-12_2c4e5af27020d8fee93b481ab746dc25_icedid.exe

  • Size

    266KB

  • MD5

    2c4e5af27020d8fee93b481ab746dc25

  • SHA1

    9594b669b5928dd295252e51242d48e39bfa9c33

  • SHA256

    f8024928fc162b315486441de63dd14d6fec358c76e71c78e216535c3d016aa3

  • SHA512

    3a1f49d1e3eaeb50fd75db00c6bcff3667a8b8d5360ead4ebd20907d24849fbb98b0548439c4efa83fd037a288ba0d7779b0e533377ccfea2cc002dd725eb229

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-12_2c4e5af27020d8fee93b481ab746dc25_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-12_2c4e5af27020d8fee93b481ab746dc25_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1748
    • C:\Program Files\obtained\Employ.exe
      "C:\Program Files\obtained\Employ.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4376

Network

Downloads

  • C:\Program Files\obtained\Employ.exe

    Filesize

    267KB

    MD5

    4f372747774dc06e8a403c87ee425ec6

    SHA1

    3267c9ad4ff45ca5a41e2b7628cf1e841c5a9d4f

    SHA256

    3bf3657989d28d080f2690d11b9c91c6d86052c93afed18c02f695ebb6c42a9a

    SHA512

    978e3a3fd3cc67d92d4491be1a8a3fcf6275df4ee9e8e64678df270ee5e23e29c4daf4708c1fe47c54e32798f75d56a598d90e1615d0d0cd0f455346522dff96