Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
18/03/2024, 18:52
General
-
Target
2024-03-18_67c60ca238af176fe598aebeb1eeb0bc_icedid.exe
-
Size
417KB
-
MD5
67c60ca238af176fe598aebeb1eeb0bc
-
SHA1
04085933e2f131921e5c4f3c48acacbab3f85d4b
-
SHA256
5d15799536a88f755a6bfaac9ae8380e74c2f59fa40311e3f8296b9313777407
-
SHA512
cc2de29b4b354c55b7fb047605db351575e608779fbdce64fdf5df07726ffc3bcd3bed0e61b26579ec1eb244d6b485ef3455b498b817ba05faaf6db80549c3d9
-
SSDEEP
12288:/plrVbDdQaqdS/ofraFErH8uB2Wm0SX/Nr5FU:RxRQ+Fucuvm0a/
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-18_67c60ca238af176fe598aebeb1eeb0bc_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-18_67c60ca238af176fe598aebeb1eeb0bc_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Morgan\Kaufmann.exe"C:\Program Files\Morgan\Kaufmann.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
417KB
MD543e4b75d0c5ff3add8e370ff4cb32078
SHA1e711846f3434c559811b8e43653629cfaef8ff23
SHA256a5e67813c6e72be1106d56a75ccae7c01891ed18abed05e45139d7f215214d2b
SHA5123d2015e6e5be3c7a9e929d19493c97677ac9f099c18f92e9b68d30a33be822ddf1ee3b3360adddf374e7f646ced73873e495b05fe8b14ee3767a13212f25fe96
-
Filesize
1.4MB
-
Filesize
1.4MB
-
Filesize
1.4MB
-
Filesize
1.4MB
-
Filesize
1.4MB