Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
29/03/2024, 03:01
General
-
Target
2024-03-29_6ceed1a0f8fe4f8c4186ae4da6a77d70_icedid.exe
-
Size
271KB
-
MD5
6ceed1a0f8fe4f8c4186ae4da6a77d70
-
SHA1
69753595140d0bacc60197f07d87213727750852
-
SHA256
7f87b9a75dedd7e88760b53310100ce4ee3768e32ab6850e82bc59da9eace304
-
SHA512
e95e16d003eb9cacbda57b1c6e23ac92d8e9bdf8466d84d79556f05193197bedf88bd49baeaa5e94f05688d4c580b2cfe06f4e18a19a923c5ad4a28ca625fe96
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-03-29_6ceed1a0f8fe4f8c4186ae4da6a77d70_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-03-29_6ceed1a0f8fe4f8c4186ae4da6a77d70_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\withthe\provides.exe"C:\Program Files\withthe\provides.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
271KB
MD57329af6d004c233dbff1752806ec201d
SHA116b859668e26bf93648ba7e5d2bab3abb9bfe672
SHA25623596f4fba78ee58d575d587ecb7b019a9a538761ea240458735927cd6dd2577
SHA512c0d1512907368eddc3fe02d016ab4c78b4672447396189af59610332f40d72822d921888a3ae93cb8b863df09548d0e6ff1d4aa39377000cad55742717211a83