Analysis
-
max time kernel
147s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240319-en -
resource tags
-
submitted
05/04/2024, 20:32
General
-
Target
2024-04-05_4d3279a1776a148eabff94f58953e2e5_icedid.exe
-
Size
431KB
-
MD5
4d3279a1776a148eabff94f58953e2e5
-
SHA1
07e684d7014e0beea4ae37d160d95e6acb57036c
-
SHA256
bf4f8a952534bf332337013a1f151d44ea7748ae829b4b5c94ddd7a13d37362b
-
SHA512
05b1ecd2d007077cd2fe7b9c4b7c16c229254d857f2a4603054b8c0a1c4505f754f7d6cf76ce3e0bf3997cfecacab531966a943e32b8de90ce77239b3bc2b8f0
-
SSDEEP
12288:JplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:LxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_4d3279a1776a148eabff94f58953e2e5_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-05_4d3279a1776a148eabff94f58953e2e5_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\require\customer.exe"C:\Program Files\require\customer.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4460 --field-trial-handle=2264,i,1475924722205134884,16549311107360026087,262144 --variations-seed-version /prefetch:81⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
431KB
MD5dfac5149eb80ac6e73cce80fea39217a
SHA11db7c9696998bdf33c9dad32469fcad24f0ac5ad
SHA25688b33469865f2a1fc5ed9c677dc719d6b28230002cc8897616a98f58f3589984
SHA512e10da25df86c9cd1fa054c23f72436667070a544233a1cee11f2ff9b0e83b20d273e0194b341d01e2c31cdc19fc495443c6fc1daf88021a900655077b1074fa3