Analysis
-
max time kernel
120s -
max time network
132s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
10-04-2024 02:30
General
-
Target
2024-04-10_2b6d5caff869ca1b04ea032806168a83_icedid.exe
-
Size
429KB
-
MD5
2b6d5caff869ca1b04ea032806168a83
-
SHA1
bf990a47868a4eeb7056acdf96665b1f95a3bfa5
-
SHA256
0a0299060a422d28f3aa5f6fcef5afae3fbbd46177455698eb64272f3bbdc697
-
SHA512
13d92f2f598af723ee4aa93dee911ea0b33573ac342e6d85ad3b0bccdf84983b7cc2c54075770db1749ca62d37f7c6d7048fb25c07718b042c62a28447258f6e
-
SSDEEP
12288:qplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:GxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-10_2b6d5caff869ca1b04ea032806168a83_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-10_2b6d5caff869ca1b04ea032806168a83_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\errors\upgrade.exe"C:\Program Files\errors\upgrade.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
429KB
MD598c5c9ac80f28882eb5cb5e9c7cf1d77
SHA155cc762c0fddd835bbb456eac81c6d9ce260d1b2
SHA256461707c98ee4fc8c3ccdee4d3c562212014718a0f68ab58addfaad30a9c34f10
SHA512ad470b301410e9c6bd6d58a61a18cd9721218b0e6af8f74347de7aa5341bf775a3c0cfa597ec5e2bc0802b3995b6f0038a868f48f9dc42754c943fbf58492837