Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
16-03-2024 10:43
General
-
Target
2024-03-16_45462c73103d7bd6ff3bd68ee8a7dc86_icedid.exe
-
Size
275KB
-
MD5
45462c73103d7bd6ff3bd68ee8a7dc86
-
SHA1
15b6731e63a315e674e58cdc83c6111a3e83a0d9
-
SHA256
98d841f951dfdd3c9402b08ece5b2421a741faa9fb146f1ea55ee6b96a494c82
-
SHA512
fcc62b13b5c7d9c4378a63e4eee4854f8b2c086ec03098149a11e8eafa49db3d2b0d59733033ac6636684d74246a32912b48480dbef073795c4e56e2a6ef2d7d
-
SSDEEP
3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-16_45462c73103d7bd6ff3bd68ee8a7dc86_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-16_45462c73103d7bd6ff3bd68ee8a7dc86_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\.exe"C:\Program Files\\.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
275KB
MD5803a7a2a8bf555e071980893476091fa
SHA16a5c60376837eca020ab8ca144380f2ba7bdce45
SHA25675394d71650363f2c153965a9f4c1f7c6b3a24a44a1840baf7ee78ec70686a17
SHA512f1d7237cb2c646d93944901d0367efdff3c6599e8a86849a8e14cc42bb1b1d22f132245a10ac67884d1ee5dd602dc5e3ef305ea09a2cd451add942c0653e1407