Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
09-04-2024 13:52
General
-
Target
2024-04-09_e764444ef647a40d4509beac1a21d4f6_icedid.exe
-
Size
272KB
-
MD5
e764444ef647a40d4509beac1a21d4f6
-
SHA1
c937f2161b16672156a8f80130decdcf8d5818c7
-
SHA256
c010aa39758c97ccce30c25f0809bd518e91d9eb9bf384d4b17c4d5f82acc22d
-
SHA512
8430e65e514cf1e0e2986937c6995f8a80e969c31823dfd35ae402eb2fc0d7c4415c33032926c8c052ae2f26e278e2eb084d44c56f31611ed6305a32bbe5f93f
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-09_e764444ef647a40d4509beac1a21d4f6_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-09_e764444ef647a40d4509beac1a21d4f6_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\topics\Morgan.exe"C:\Program Files\topics\Morgan.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
272KB
MD5128584e728c02dc2e6dce9e824da47ff
SHA13b9e0d1246179b1b62044e3a5d0bb76e616498e0
SHA2563e69a6d392dfd383ab7007d5a37ddcafc54a70c2406c9ad7c62fc5d1fdfd8d9c
SHA51206ff90c7440e773f6f677a4a659d0582ceda0e2ac82caa672a169a8a306fb85cb5a87dc3a26ba0ea593aa4b4d97d41027fd6a70241afeb8c2820728e24f9e7fd