Analysis
-
max time kernel
120s -
max time network
129s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
19-03-2024 21:32
General
-
Target
2024-03-19_7735943e17f83f8df0d7ffa5deeda412_icedid.exe
-
Size
319KB
-
MD5
7735943e17f83f8df0d7ffa5deeda412
-
SHA1
28fe52628fd1de7d88c7f4e77e9af5d98061a7b0
-
SHA256
e36edef11426ce958b5b66ec22618657fa29d074af3520fbdbc00517070652e7
-
SHA512
92af2dda698941c9a1e3bbb22f2a0556635257ff9f498129fb1c3ff0f38322226932245b21fab863883443bdbdfaa77d95fe9a27d40a9d05c3223361163638f6
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-19_7735943e17f83f8df0d7ffa5deeda412_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-19_7735943e17f83f8df0d7ffa5deeda412_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\previous\behavioral.exe"C:\Program Files\previous\behavioral.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
319KB
MD5f67ccaaeee090b95803952cc8f191553
SHA13d65d68253aaab38696ee749f6cf8a422bb183ab
SHA256a3286084d0f671bea1544d84d3c73a9b9f817b83a316e4efc6794155db9e123f
SHA512a841eae7f43fffe8b6f873f6e925f4664a259692b2e667184510a09be822bc1dacefeaf57ae68b0633ec12de31394984753ed40e0fb73616d57f71b76940abde