Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
18/03/2024, 12:30
General
-
Target
2024-03-18_3d5536a887d358133f828a0a0309ef19_icedid.exe
-
Size
266KB
-
MD5
3d5536a887d358133f828a0a0309ef19
-
SHA1
8bb232948405e860bd91d0ab98eb88c50869436b
-
SHA256
f1e1f9a33d730b490b21aa115657e69bb8135b5f625a9acb56ce1ed2167ee4e2
-
SHA512
40b1dbef57de040dcfedcca70ffef764513dabbee1c13ae27fd92893d987b1fafec3668d3de37f464aa7ba02e0ea121626cc80adb8c146ac5ee1ff53e69cfdcd
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-18_3d5536a887d358133f828a0a0309ef19_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-18_3d5536a887d358133f828a0a0309ef19_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\locations\download.exe"C:\Program Files\locations\download.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
266KB
MD5e707d539d70ccb2c6a8d5307fc287115
SHA1cef1d884c004845daa6c91d9ae76d2e3ced96b23
SHA256ecf5da2fc1fa9059dda8299ef39738cd0d9a214b73ee9b2d6c8e58df47f2a5e8
SHA5123a162e173358757c15daf7c7f09369323b8973b2e6caeccc87c733a90055a20c87b803bcf7a403724c509f9f20b737d33a58dcc836eeec073d14a226966e112f