Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/04/2024, 03:35

General

  • Target

    2024-04-11_5afd3d980e24917f38284103b574e6b3_icedid.exe

  • Size

    428KB

  • MD5

    5afd3d980e24917f38284103b574e6b3

  • SHA1

    8dd56d0d8dc188ee57ae0b9add74be41d5bbf599

  • SHA256

    eb1adc23c1ed0f615e34a6bec58510c07b9e3f394f983366f4f6ece5df27550c

  • SHA512

    a79898fc06367d8ecc5dd8873d6b679fec08f8cd29421413ed9f70d3b7fff9d4fc4b4d7f4984c2ccd90bc148c7adfad740e3298c8d96400a397d2ffa2ab99d41

  • SSDEEP

    12288:splrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:4xRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoC)
  • Drops file in Program Files directory (1 IoC)
  • Suspicious use of SetWindowsHookEx (8 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-11_5afd3d980e24917f38284103b574e6b3_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-11_5afd3d980e24917f38284103b574e6b3_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:528
    • C:\Program Files\Czech\Dutch.exe
      "C:\Program Files\Czech\Dutch.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1532

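
The process tree above shows the dropper, running from the user's Temp directory, writing Dutch.exe under C:\Program Files\Czech and launching it with the argument "33201". As an added example (not part of the sandbox report), the Python below turns the report into two offline checks: hash matching against the listed MD5/SHA1/SHA256 values, and a behavioural rule that flags a Program Files executable written by a %TEMP% process and then launched by that same process with a single numeric argument. The event field names, the parent of PID 528, and all PIDs other than 528 and 1532 are assumptions constructed for the demonstration; SSDEEP is not computed because the standard library has no implementation of it.

```python
"""Added example (not part of the sandbox report): turn the report's indicators
into two checks an analyst can run offline. All event data below is constructed
to mirror the process tree shown above; PIDs other than 528 and 1532 are made up."""
import hashlib
import re
from typing import Dict, Iterable, List, Optional

# File hashes copied from the report (SSDEEP omitted: no stdlib implementation).
IOCS: Dict[str, Dict[str, str]] = {
    "2024-04-11_5afd3d980e24917f38284103b574e6b3_icedid.exe": {
        "md5": "5afd3d980e24917f38284103b574e6b3",
        "sha1": "8dd56d0d8dc188ee57ae0b9add74be41d5bbf599",
        "sha256": "eb1adc23c1ed0f615e34a6bec58510c07b9e3f394f983366f4f6ece5df27550c",
    },
    "Dutch.exe": {
        "md5": "c00b236ced4d50fe2a2381058e825c8f",
        "sha1": "daf527cf4a63aa8f3467de210a51e2dc34f6f1b2",
        "sha256": "2b3a609cdb562ec17ff855cfdbd1cec838680125d85624b7f126b9c742147e44",
    },
}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Digest a file's contents with the three algorithms the IOC table uses."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def match_iocs(digests: Dict[str, str], iocs: Dict[str, Dict[str, str]] = IOCS) -> Optional[str]:
    """Return the IOC name whose digest matches, trying the strongest hash first."""
    for name, known in iocs.items():
        for alg in ("sha256", "sha1", "md5"):
            if alg in digests and digests[alg].lower() == known[alg]:
                return name
    return None


# Behavioural check: a binary written under Program Files by a process running
# from %TEMP%, then launched by that same process with a lone numeric argument.
TEMP_RE = re.compile(r"\\AppData\\Local\\Temp\\", re.IGNORECASE)
PROGFILES_RE = re.compile(r"^C:\\Program Files( \(x86\))?\\", re.IGNORECASE)
NUMERIC_ARG_RE = re.compile(r'^"[^"]+"\s+"?\d+"?\s*$')


def detect_drop_and_execute(events: Iterable[dict]) -> List[dict]:
    """Correlate FileCreate and ProcessCreate events (Sysmon-like; the field
    names are this example's own) and return one finding per dropped-and-run EXE."""
    dropped_by: Dict[str, int] = {}  # lower-cased target path -> writer PID
    findings: List[dict] = []
    for ev in events:
        if ev["type"] == "FileCreate":
            target = ev["target"]
            if PROGFILES_RE.match(target) and target.lower().endswith(".exe"):
                dropped_by[target.lower()] = ev["pid"]
        elif ev["type"] == "ProcessCreate":
            image = ev["image"].lower()
            if (dropped_by.get(image) == ev["parent_pid"]
                    and TEMP_RE.search(ev["parent_image"])
                    and NUMERIC_ARG_RE.match(ev["command_line"])):
                findings.append({"pid": ev["pid"], "parent_pid": ev["parent_pid"],
                                 "image": ev["image"], "command_line": ev["command_line"]})
    return findings


DROPPER = r"C:\Users\Admin\AppData\Local\Temp\2024-04-11_5afd3d980e24917f38284103b574e6b3_icedid.exe"
SAMPLE_EVENTS = [  # constructed from the report's process tree; explorer parent is assumed
    {"type": "ProcessCreate", "pid": 528, "parent_pid": 4100, "image": DROPPER,
     "parent_image": r"C:\Windows\explorer.exe", "command_line": f'"{DROPPER}"'},
    {"type": "FileCreate", "pid": 528, "target": r"C:\Program Files\Czech\Dutch.exe"},
    {"type": "ProcessCreate", "pid": 1532, "parent_pid": 528,
     "image": r"C:\Program Files\Czech\Dutch.exe", "parent_image": DROPPER,
     "command_line": r'"C:\Program Files\Czech\Dutch.exe" "33201"'},
    # Benign control: installer payload launched by msiexec with a switch, not a number.
    {"type": "ProcessCreate", "pid": 2000, "parent_pid": 900,
     "image": r"C:\Program Files\Vendor\app.exe",
     "parent_image": r"C:\Windows\System32\msiexec.exe",
     "command_line": r'"C:\Program Files\Vendor\app.exe" /install'},
]

if __name__ == "__main__":
    print("IOC hit:", match_iocs({"sha256": IOCS["Dutch.exe"]["sha256"]}))
    for hit in detect_drop_and_execute(SAMPLE_EVENTS):
        print("drop-and-execute:", hit)
```

The hash check is only as good as the sample it is fed: a repacked build of the dropper will miss every digest, which is why the behavioural rule keys on what the report actually shows (write into Program Files from Temp, then execute with a bare numeric argument) rather than on the file names Czech and Dutch, which the operator can change freely.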
Network

MITRE ATT&CK Matrix

Downloads

  • C:\Program Files\Czech\Dutch.exe

    Filesize
    429KB

    MD5
    c00b236ced4d50fe2a2381058e825c8f

    SHA1
    daf527cf4a63aa8f3467de210a51e2dc34f6f1b2

    SHA256
    2b3a609cdb562ec17ff855cfdbd1cec838680125d85624b7f126b9c742147e44

    SHA512
    54fc9f4502f75f7cba8d918ebd9adb34851b8e09efea898cc0f0cbe5aa45c33b3efe32011692ab985d2d1889e38f69124ad99dadda9fb6b51475ee8cda563e86