Overview

overview

7

Static

static

3

2024-04-10...id.exe

windows7-x64

7

2024-04-10...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-04-2024 02:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-10_2b6d5caff869ca1b04ea032806168a83_icedid.exe

  • Size

    429KB

  • MD5

    2b6d5caff869ca1b04ea032806168a83

  • SHA1

    bf990a47868a4eeb7056acdf96665b1f95a3bfa5

  • SHA256

    0a0299060a422d28f3aa5f6fcef5afae3fbbd46177455698eb64272f3bbdc697

  • SHA512

    13d92f2f598af723ee4aa93dee911ea0b33573ac342e6d85ad3b0bccdf84983b7cc2c54075770db1749ca62d37f7c6d7048fb25c07718b042c62a28447258f6e

  • SSDEEP

    12288:qplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:GxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-10_2b6d5caff869ca1b04ea032806168a83_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-10_2b6d5caff869ca1b04ea032806168a83_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2920
    • C:\Program Files\status\novice.exe
      "C:\Program Files\status\novice.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3688

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\status\novice.exe
    Filesize

    429KB

    MD5

    65d0a843e3d30805c0d10d9ac6f21181

    SHA1

    93a60d09fa5f3d32fd0c1a454f95df91197662f9

    SHA256

    ef97322cfb749324ba0a1fe3a7acac682a73910bb7699c2d35534f3afdb295af

    SHA512

    8ed68ff39d3d682d2d5ba051a628420c86269bf27dfebb64b6909b13abd85743bb9fd46fb25c332b05808084b4d9371660c6a82cb77594f6e837ebdef64d7f48

    Download Submit