Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/04/2024, 15:25

General

  • Target

    2024-04-08_1857385fafee8cf7b6b31e599d421fbf_icedid.exe

  • Size

    429KB

  • MD5

    1857385fafee8cf7b6b31e599d421fbf

  • SHA1

    9c45faa38c5df41c6e073d50673eacd737ee26a9

  • SHA256

    48e3a1ffa49e26f4e47dcb9513ba9ff89a5977a49737b3b391043a78edd30305

  • SHA512

    545406c8746bcffa4e4d46ca78b2694f9414ddc3b810c33cacb090b7ff5088d90e49e5a86eb03d6e0fdc07611025aabdab99e549fc48f390daa1e87d5457822f

  • SSDEEP

    12288:qplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:GxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-08_1857385fafee8cf7b6b31e599d421fbf_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-08_1857385fafee8cf7b6b31e599d421fbf_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1112
    • C:\Program Files\Platform\December.exe
      "C:\Program Files\Platform\December.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1320

Network

        Downloads

        • \Program Files\Platform\December.exe

          Filesize

          429KB

          MD5

          bd1d3224f7bff2464e4f860284407383

          SHA1

          0f248c1596940c22a322bcb798089a32ed6bdaa8

          SHA256

          617a1d9edc7552b213f718edf565cebae3f19802f7ac6b4304d93e9b7ba269cf

          SHA512

          33163a708ff6315828830ae894c009f4420dfc86f607c9917441e6342abefe2a70c7a168704c33bed6cb311c01afa4dd46afff0c552df2972ce1f72bccd98077