Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
13/03/2024, 22:46
General
-
Target
2024-03-13_b95d98f408e1528d8df4bdfb7baaf575_icedid.exe
-
Size
267KB
-
MD5
b95d98f408e1528d8df4bdfb7baaf575
-
SHA1
d6b6b2e277fc6fcf91383deb8070b3782c2d81f4
-
SHA256
c5472813a3be3ee93dada2f8ccd2360110cee09b04ea1542e4aadcb77824cbad
-
SHA512
5c760551329b8ef37a85181e3a0aaf29a062b2b010bdab021f2bf34bd445ec91cd892487c5c05dbb63e255a0ac5e56ddaca119e3fa4a16a58c44357c0c1fd5f3
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-13_b95d98f408e1528d8df4bdfb7baaf575_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-13_b95d98f408e1528d8df4bdfb7baaf575_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\DirectX\with.exe"C:\Program Files\DirectX\with.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
267KB
MD5df25241d2a36aa22f6cf94ef69b38fa1
SHA1f9f19e407d8f3168e290dcb13b17b0a3342c76b0
SHA256b40e3ef71e587d094557139a6ecfb05c572d94d9546156bf1c7080aaf336b6ac
SHA512ab6765d92a727a7629541499dd607bfaa26e484507fa2dbcfcc8d77f7e8c0d8776d49bfed975192491ab359f464aefdbd37c5c1a95d1f10102abca03d98b46cf