Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
14/03/2024, 19:53
General
-
Target
2024-03-14_a11def6ec9317afe7be605e9eb110676_icedid.exe
-
Size
268KB
-
MD5
a11def6ec9317afe7be605e9eb110676
-
SHA1
43aaa054de471015259ed65de5fd8079b5973541
-
SHA256
40f401c1ff5b7be172ab6909fe1e29fd6ba2968ee4ccee2f6ebc7875b0425d2d
-
SHA512
2677bf1f1b0da406d2b39d944e24bd44bc3882e6879985f7fa9f999ae32eafee2f8cd41b48fc69859b0acf8568dac0850804e139497953a098e4278b512d003b
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-14_a11def6ec9317afe7be605e9eb110676_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-14_a11def6ec9317afe7be605e9eb110676_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\DirectSetup\Applications.exe"C:\Program Files\DirectSetup\Applications.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
268KB
MD5ab3025a1a632ab3348220e8ab4803e84
SHA1f028c9ce692fcdee4b08ea822403da562a1d30d4
SHA256dd9bd36502d68a0f788c373b22c960a44e379aa446602197888293e258dd891b
SHA5121e1d777aa6f44887197fed93b16065bb6681500c9dcfddfc7621426f5939397b6eaba0247c7fcc05ebbc15981518d763c8dd700c8ad870b87622c174a6e4784c