Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
10-04-2024 08:32
General
-
Target
2024-04-10_5945afcc5524582f7f7534f1498b0741_icedid.exe
-
Size
275KB
-
MD5
5945afcc5524582f7f7534f1498b0741
-
SHA1
aa0a93ccb7d65d08a39cabd3931b67404f54d721
-
SHA256
863250317a9020ad3cab7b2c5fba1b7a825880e716b8a32dbe0cdd9be66a61e0
-
SHA512
dea71f553f44d7d57d5e8ffed5570fc4a3220dc9a9108474c543a56dbc08ce97f6be495609e3155073a10d9c52e7c425ebbc558fd47b584cae287580df892473
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-10_5945afcc5524582f7f7534f1498b0741_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-10_5945afcc5524582f7f7534f1498b0741_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\customer\component.exe"C:\Program Files\customer\component.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
275KB
MD5bacbd155942eadcac48ca4734d69abdf
SHA1b9953780a9273e904f66ab66e90a57808e9dbfab
SHA256b36844cd9d217c1dfa9512999a5c1fcf2935b2668a9e01e322cbd56ad9916c66
SHA512f8d8c4bda52806137f459f4dfe95c03d36ae1de128139cae70b095859530f13b50f9438b9cc2b6fe89fa0b38f7e3ca3316d6a9d820e9fd9e6d0ef868ae4fc727