Analysis
-
max time kernel
122s -
max time network
129s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
10/04/2024, 07:37
General
-
Target
2024-04-10_a873e10b09d3d6acc140ac6cb3e37546_icedid.exe
-
Size
272KB
-
MD5
a873e10b09d3d6acc140ac6cb3e37546
-
SHA1
90b7179468ec7b7f3378a135e0845ee98ea9703a
-
SHA256
ff3a5e43ea32782a5e4c6ede3fcb8fda4d068c13d3e7555d8cfb04bc00af5e7f
-
SHA512
500c87e3c4d4fae2a8cb5c9f829f47e2b14138cd3fcd314da3d1eb1b1f76cf6960d8a190146a2015ca08df9282c65ec73b15cffab763b05381a412d90c0b1249
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-10_a873e10b09d3d6acc140ac6cb3e37546_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-10_a873e10b09d3d6acc140ac6cb3e37546_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\obtains\MessageBox.exe"C:\Program Files\obtains\MessageBox.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
273KB
MD5ac52e9be504a100298ad57298d693dbc
SHA12882e54779fb241bdd4e94ecabe22c6fff1f5f43
SHA256ac06879fb509d58fcc131754b0ed05e81fb746a95e583e70ed4babb712a919d4
SHA512924c81458b4cd3a566d55d613f751c9670d0ad3c541bbbb51f3591f237b97d0ff5906369aa0248fb1f0df57125c204b5386800686131fde7b2bb0123a58e3010