Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/03/2024, 19:55
General
-
Target
2024-03-25_a4768e2a88652c568748e6849070fa19_icedid.exe
-
Size
320KB
-
MD5
a4768e2a88652c568748e6849070fa19
-
SHA1
3cf5ec3488e5890b677ef215ba269f935eaca956
-
SHA256
03f688efe71be8d7434b5760abedc855515776875b1f7d07c540eb32a1008a5a
-
SHA512
9b70c81c240a416960022fcd9c519e25b35475a91df819dde2fe5b7f8a3ef6b9e504da1947c519696ca011af6d589a3dee682a746385970efbf020923af253ee
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-25_a4768e2a88652c568748e6849070fa19_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-25_a4768e2a88652c568748e6849070fa19_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\perating\systems.exe"C:\Program Files\perating\systems.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
320KB
MD56a67fb359371e27afddd1beb9365af76
SHA1849a88bae794911429d3e719a9b20264c3cdf229
SHA256f80573e627bc61c1fe63e99938d25c53a75143265df2d59fdd206dd29fc487fc
SHA512cc3bee66f0077773b25feabbd8d7d4fc6c382d76d2fbf5ab07571a9e8d215c0d3ec961af4049a58ccd82136b0beedcd71c297c7b793c1f73adc55a2557546700