Overview

overview

7

Static

static

3

2024-04-15...id.exe

windows7-x64

7

2024-04-15...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    15/04/2024, 20:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-15_8e68dba5c999be5a35f453b785d96698_icedid.exe

  • Size

    396KB

  • MD5

    8e68dba5c999be5a35f453b785d96698

  • SHA1

    4033ce268f476e2aa2a27955f19c78dfd6101cbb

  • SHA256

    1ca57f3ba843e1ccdb52735be9f19b16416fa0376881bf4265d642c918f40d64

  • SHA512

    16dd260e3f332258df47cc0daf24b856d09af3a06835210cb93a8c319ddc279b84052e1f7dd29fbe1bf3683207cb843005b4cac4f72a208774decdc6feeff686

  • SSDEEP

    12288:uplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:axRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-15_8e68dba5c999be5a35f453b785d96698_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-15_8e68dba5c999be5a35f453b785d96698_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2244
    • C:\Program Files\meter\requires.exe
      "C:\Program Files\meter\requires.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2084

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Program Files\meter\requires.exe
          Filesize

          396KB

          MD5

          5b618bda02fc2710fc152753cd8952b5

          SHA1

          63ef8743cf494c45b4e1d465950b2611086f3924

          SHA256

          95bd5d2e9cb0400438bc11289d3b4760cdad38301ddd5d12fddcec4562bc382c

          SHA512

          f19b21a61aff4ee9fa72e1a397f580336c39e064bb5f8ee2beed2ad0c9fae5fd64489836fb1d8fb4bbe74890f8e0d57286758b8b0e6684e5f9add0d620dccf4d

          Download Submit