a85db0771983c91a1a21993187f766503e5d2a513acc512312d4b4dd4a47c0a5

Analysis

max time kernel
140s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
12/03/2024, 04:59

Target

2024-03-12_d9256fffd3e789684641cc8089f3950f_icedid.exe
Size

385KB
MD5

d9256fffd3e789684641cc8089f3950f
SHA1

545cc0a2740a28ac3ae357ab23ff1e462f469b78
SHA256

a85db0771983c91a1a21993187f766503e5d2a513acc512312d4b4dd4a47c0a5
SHA512

92bf34fc2e699f73f4684c0c1f452fc0e27354e051f53d801f2eebfc4a68c99c6812539cb3eaf06cd1dea9e22a731359aaef80914d99e92fd7c6efe0093a2d48
SSDEEP

12288:tplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:PxRQ+Fucuvm0as

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
4428	Graphics.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\Program Files\component\Graphics.exe	2024-03-12_d9256fffd3e789684641cc8089f3950f_icedid.exe

Suspicious use of SetWindowsHookEx 8 IoCs

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1124 wrote to memory of 4428	1124	2024-03-12_d9256fffd3e789684641cc8089f3950f_icedid.exe	91
PID 1124 wrote to memory of 4428	1124	2024-03-12_d9256fffd3e789684641cc8089f3950f_icedid.exe	91
PID 1124 wrote to memory of 4428	1124	2024-03-12_d9256fffd3e789684641cc8089f3950f_icedid.exe	91

C:\Program Files\component\Graphics.exe

Filesize
386KB

MD5
59d6a769b556cd3b90dd4b4060215b9e

SHA1
7838cdba32fa997b10af53c9713b54aea146efca

SHA256
b102d2fb03da90b13d7c4b85c2ecfad707a2b27625e6c7245fe096df99a21ee1

SHA512
261ce0d46cc2515040d49ba4c0c26f03359f936541ef4572742f57a4f2d1d4ab2f4877d74a8e3bc9963f2c4a191748a5e92011cfea905d748137241c4e2ffe56

Download Submit