Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
05/04/2024, 16:50
General
-
Target
2024-04-05_dafaba0b04162fcad742532146693164_icedid.exe
-
Size
379KB
-
MD5
dafaba0b04162fcad742532146693164
-
SHA1
5c3709f7bf09e85151cf2c6a298ac604647885c1
-
SHA256
6d89c12bb8ac0ebee1c4face514a09a8bebaca3e8ee726ea3b757cdbdc739c9a
-
SHA512
0ea0bd8cbb96f91a646ab59f25a10b572479497e3343dc5e1e24e7a8f3974452f1b0873a57df4ca942b1183d4065569328c21c64275cc72833461b178baeb0d9
-
SSDEEP
6144:8plrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:8plrVbDdQaqdS/ofraFErH8uB2Wm0SXj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_dafaba0b04162fcad742532146693164_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_dafaba0b04162fcad742532146693164_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Follow\instructions.exe"C:\Program Files\Follow\instructions.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
379KB
MD50f3673f75cca6243b97475f55b6ec35b
SHA14c9f66f8d0801716beec264c6b300a1a4fca0210
SHA2560e108b1d189f33b888bc7eec985b94d59ccae21792fd0506473171ec6f099679
SHA51261d92aed63a2bfd9bf8a7fb5b5aa3d0d293fc2c2c5ca807162f1bd15c3103a58a61f8d57c57dda43841dc904a42ef84207957b05606d46a721c3dd96221e1b2e