Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
125s -
max time network
142s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
11/04/2024, 07:52
General
-
Target
2024-04-11_dbbf4fd1b98e12c724b05e13db11bb64_icedid.exe
-
Size
390KB
-
MD5
dbbf4fd1b98e12c724b05e13db11bb64
-
SHA1
474253119ef1771f696ef631b9172ac84016b145
-
SHA256
78546311cb3ef7622f6f1c7c66e2e8c0f95b7f37081d12f11adf5f5d4dbbb532
-
SHA512
9a7d2e502cdf94628866d5abd1ada198984b5ff55830aaacd4f0bd3eabf4557a0717a92d34c5d3927b5388c09578d042c4bf3ba578594ffe6217b3df5ba8d2bb
-
SSDEEP
12288:KplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:mxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-11_dbbf4fd1b98e12c724b05e13db11bb64_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-11_dbbf4fd1b98e12c724b05e13db11bb64_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Kaufmann\Publishers.exe"C:\Program Files\Kaufmann\Publishers.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
391KB
MD52cbe4b958c0cf47e985f16e750c22e14
SHA1863b3c0669d2ffca0de7678bde17205be05e849c
SHA256d6a084cfd77f9f5b6a2a4af535ee339ccaf94c795b2ad6d122ae3f7f9dd25284
SHA5122f8e154ac38fed4e6d4286485a30f9ac44a948dbc9a0c86e024c2ed759def49963f8a1e88cda224ecd344fdeb821ccebcb58ae1fbd1c1ac2443e8cb743193f32