Overview

overview

7

Static

static

3

2024-04-05...id.exe

windows7-x64

7

2024-04-05...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/04/2024, 12:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-05_694184efe5d798a97d360757c28d730b_icedid.exe

  • Size

    270KB

  • MD5

    694184efe5d798a97d360757c28d730b

  • SHA1

    97308e4d491648a192774f2b42759c2a5c70cbbc

  • SHA256

    6e26067a894cad2257ca8d42fe908859cfef0184517f33270b449c4869f5a8d2

  • SHA512

    6953e364ff9a59f785b11fc0b5886cfc0f03ebbef433df6efbd7599ce36a0edd7d3fd36965ca57e5b79b5902932871af6f654796dc0bbdef30acacff2b6e0526

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-05_694184efe5d798a97d360757c28d730b_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-05_694184efe5d798a97d360757c28d730b_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2868
    • C:\Program Files\privileges\install.exe
      "C:\Program Files\privileges\install.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3512

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\privileges\install.exe
          Filesize

          271KB

          MD5

          fa459acd1f18514647c280fd2e2d5b7e

          SHA1

          ef1d7739f60abcc8a57762af4291f77a42823da0

          SHA256

          c37a991a8b3d2732fe2e843555b747048bbb5bafcb484c423a16ffc0cb16f7ee

          SHA512

          e1bd5c11c8ad91a5baf87e2b913f257216798d3fce2b942ad665f9da7c3f137f6ceecac03615c788292b4297e4551fbe8cf9cb2f7c2250d9f687fd95e0be8be0

          Download Submit