Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/03/2024, 11:25
General
-
Target
2024-03-25_1491adf8f8e2b7bcb659537a5e892da5_icedid.exe
-
Size
315KB
-
MD5
1491adf8f8e2b7bcb659537a5e892da5
-
SHA1
59f06e69b5740d611a45631a229260714c448fd0
-
SHA256
c736520d0d190f9d01d41b600a21a8bccc5db4c2b90c63b10fce57325a3e3d10
-
SHA512
eaaefb5608d62e46b1681f6cc7e079bb11e6e717710fdee6ef54b19d4e2e62c2c856b07353cc16ca5d0afdbc87f44f3c30e61ba6bacc15d1d6e6c8786ce81ea2
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-25_1491adf8f8e2b7bcb659537a5e892da5_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-25_1491adf8f8e2b7bcb659537a5e892da5_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\previous\behavioral.exe"C:\Program Files\previous\behavioral.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
316KB
MD53062f8c840e8d72521ff8faa6c504766
SHA16eb4105b034e28f4592569bfe6967a5750d2cfdb
SHA256a93049c81e344690df8a132cfba8383e16b350570cc86a4228a120220c41d24b
SHA512ba1a7ff7375acef15e8c8c8c9077084bbfe30b1967b12b339844845b31a36a3d983e6db79e3a0763262924ddf2ff5e87ca9a88df1702dc5c2533e7e3325593c4