Overview

overview

7

Static

static

3

2024-03-12...id.exe

windows7-x64

7

2024-03-12...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12/03/2024, 05:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-12_025293c372f6c4e8d455760f15813793_icedid.exe

  • Size

    384KB

  • MD5

    025293c372f6c4e8d455760f15813793

  • SHA1

    6fc9d13202dec9391dbf5bbb983bd7a24edff085

  • SHA256

    bafd7ab22e1a2744d4b6184f2b8ad2d23d152cb48900e3ca863f2a6508ae7d69

  • SHA512

    8cce26b0e5634644c6580575e2af824f7c0fcae6961fdfa1edd4346ced3ca1fbf5bd9a97e8b160743119cb945d02896bae15a716acfa17798025ee5203011e35

  • SSDEEP

    12288:uplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:axRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-12_025293c372f6c4e8d455760f15813793_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-12_025293c372f6c4e8d455760f15813793_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Program Files\indicator\Suppress.exe
      "C:\Program Files\indicator\Suppress.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files\indicator\Suppress.exe
    Filesize

    384KB

    MD5

    3e9d7348479866fac1926600b3d7c013

    SHA1

    d521e3819af2c19acb99376b7017b0007f4eaa11

    SHA256

    14ff20a9f46d9cf425e07f49a4396baef4022295432fbc9287fa0dae51fc2378

    SHA512

    27e48f5195026e55248312dbe5f1b48e506b2577844f025ee94259cbe09c83b1719cd9acf24fe51c972fea8319a2f13815f93f39bb35406540e9e8f7253e173f

    Download Submit