Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
10/04/2024, 21:39
General
-
Target
2024-04-10_85a77b080593db80de54f8dd04a3fc8d_icedid.exe
-
Size
274KB
-
MD5
85a77b080593db80de54f8dd04a3fc8d
-
SHA1
1151226b19d125d04431eede580eece57fb0c484
-
SHA256
9007dd78b55dc8af009a15d87516a10c7413d1b2ca5a04e4a806c435cd2f25cc
-
SHA512
66d462df112f5048e6ec3aeb70fc61a8e62158976db8de99c0d0d526f770d14ebd67eb9ddb7e6364d74efa22e9cad5b9748072f7550003d5f7ce819da5473f6c
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-10_85a77b080593db80de54f8dd04a3fc8d_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-10_85a77b080593db80de54f8dd04a3fc8d_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Morgan\Kaufmann.exe"C:\Program Files\Morgan\Kaufmann.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
274KB
MD5636b7798d5636d8eeaed53e5c5b87d56
SHA155c95df892efe9d49d4e8bd4033a76621ec60ed6
SHA25670294111d139f543b139bb06d0e8317c1b017e69d4cede0d6774085fba5b6fcd
SHA512b0dd3093a4c35eece312481ffac1340c76fbfc54fd8c1715dff979f6cc809fcc1db2422fb311b7b89a226e9943cce9f4a7d465df850b2b99a4b4442f2cb35376