Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
14/03/2024, 00:57
General
-
Target
2024-03-14_dee7fe0acec6a3a19d0d8ccfc6d25282_icedid.exe
-
Size
319KB
-
MD5
dee7fe0acec6a3a19d0d8ccfc6d25282
-
SHA1
d9c2208e3bf98a3c68473a6b1a4b78ab51856609
-
SHA256
104d6aa6e55cf37004b5830daf047970540aafc6db9e066f5d678c51a5b362ce
-
SHA512
fd83373850543942fca37a617ff6020da06699b9e5234cfea582338e1f890faedb9b2711bd584f67482d04cfb283f91e4625ef0e7b9493c0e435793e9cdb3a81
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-14_dee7fe0acec6a3a19d0d8ccfc6d25282_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-14_dee7fe0acec6a3a19d0d8ccfc6d25282_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\indicate\contain.exe"C:\Program Files\indicate\contain.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
319KB
MD55f41701073d44b94135c7ec063eb9c6c
SHA1dba0d897339b5875ec6a018a394d45dfac947504
SHA256dc0824a33a066c73f83941a64cf4dec9f4a318247594526d9a31c462df4f5d96
SHA512f07935d94d3f6436192f356b87d19ae1657964f2b53b838f1ce22f3b83e600990a2c35d1022a7a1b37513f16875f5cc3b32c15f569bf7e15520d4d674766e697