Overview

overview

7

Static

static

3

2024-04-17...id.exe

windows7-x64

7

2024-04-17...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    17/04/2024, 01:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-17_4d3215d68de8ed3d1ad0d4245e04bca1_icedid.exe

  • Size

    285KB

  • MD5

    4d3215d68de8ed3d1ad0d4245e04bca1

  • SHA1

    7cc3c70f682955449f516afd46ef3fd827cbc483

  • SHA256

    a9bbadcd1fb0b6df5f8f8c3de66e7fba094e59ba5d29a68a0c4eb6309e14503e

  • SHA512

    26a3babef4d1f3a64e54ffdbd0560df5c0f2d50366a51d9583060e84fc65b0ff83862e429b88c415bc8e343566703472461ca40712baa14aa694b176cf0b03a0

  • SSDEEP

    3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-17_4d3215d68de8ed3d1ad0d4245e04bca1_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-17_4d3215d68de8ed3d1ad0d4245e04bca1_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1304
    • C:\Program Files\.exe
      "C:\Program Files\\.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files\.exe
    Filesize

    286KB

    MD5

    7bd661952fba22d62028958ca3a8bfb7

    SHA1

    9a093298309833ef47075179437af953ef0bcfad

    SHA256

    c5489c10af15ef1fce01bc91fee3029dc6acd36ca78d4eea10b37970b0b22f14

    SHA512

    04a299558f709ba7a508a64aabee1344e1202f67c9a533ca0a2625a43c56f301f729e0e23cb14d5b6a4519e38891d0ada4e529379e580d1aab768370a7eed09e

    Download Submit