Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
25-03-2024 19:42
General
-
Target
2024-03-25_de5432a7d03f5d336ca4fa0caa5bfdae_icedid.exe
-
Size
429KB
-
MD5
de5432a7d03f5d336ca4fa0caa5bfdae
-
SHA1
ba9ade40dab67aab983a82fdc29a9f2443582389
-
SHA256
12951aa4f5ae63c3ae6ebafd77f0caa6d06c1516e65bed36d217bdce3196ccb4
-
SHA512
1f16a3137b9f5f8817e9fd32f726483421a8168475f638681370274ec430c41d44609a5911c174c20b2f966de357f847eeded127657f22b8e3107a441dfb3f26
-
SSDEEP
12288:YplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:ExRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-25_de5432a7d03f5d336ca4fa0caa5bfdae_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-25_de5432a7d03f5d336ca4fa0caa5bfdae_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Korean\Polish.exe"C:\Program Files\Korean\Polish.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
429KB
MD5924f8fa94e24c5cbe1c5dc64b2f12d6d
SHA1456835408088db46314a43c920b0846b6ac2ae4e
SHA256309a4a5b9c396df3e09ad3b7f2fc5bff6933e7797aadac2455de7ba8c41a3e8d
SHA512caf1804b98c8b2e7dc387e4242e04e33bf7549f1033d94735b1660c5fe1e757057376032eb75eac2a333656dfefd48456b67050d570401941fa95f8e3440046b