Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
11/04/2024, 07:52
General
-
Target
2024-04-11_dbbf4fd1b98e12c724b05e13db11bb64_icedid.exe
-
Size
390KB
-
MD5
dbbf4fd1b98e12c724b05e13db11bb64
-
SHA1
474253119ef1771f696ef631b9172ac84016b145
-
SHA256
78546311cb3ef7622f6f1c7c66e2e8c0f95b7f37081d12f11adf5f5d4dbbb532
-
SHA512
9a7d2e502cdf94628866d5abd1ada198984b5ff55830aaacd4f0bd3eabf4557a0717a92d34c5d3927b5388c09578d042c4bf3ba578594ffe6217b3df5ba8d2bb
-
SSDEEP
12288:KplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:mxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-11_dbbf4fd1b98e12c724b05e13db11bb64_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-11_dbbf4fd1b98e12c724b05e13db11bb64_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Publishers\Trip.exe"C:\Program Files\Publishers\Trip.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
391KB
MD5f68af327a9410f6a50de0c761a6a7cfc
SHA1ed326581c535eb3cd418791868b177808d7c3b98
SHA25608d158e84ddef95b7d116ad54707f5192f938d9dff0f9ab1bc6fdfee39f5c820
SHA51223a9d4278180b5e684fa867bf4e456ac95ad6c45a221c0765064a103b5de7017d04ae170c0261187d6569f657e0cfbd8ef59d2561c4df73138398394581da3b9