Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22/04/2024, 19:38
General
-
Target
2024-04-22_ac1ced533ed1e6939f942bd59878bef1_icedid.exe
-
Size
323KB
-
MD5
ac1ced533ed1e6939f942bd59878bef1
-
SHA1
060222085a7ccd47f59b39295aaf2cf61a4e0e84
-
SHA256
e98369d706aa77f8743b492e0a2290d8a8cc9d0f973ceed47307ddb08717afbd
-
SHA512
5bb7dde1e345c87e48995da97903e3a4d8b1829a61248852e6ac4d7738944a8b7cd31fe254dabbbe7ecf2cc5ff9324ee7859864f07330c83df10931cf6984a14
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-22_ac1ced533ed1e6939f942bd59878bef1_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-22_ac1ced533ed1e6939f942bd59878bef1_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\December\future.exe"C:\Program Files\December\future.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
324KB
MD58d2d880ef8e5ecdc73ef999c113f1d8a
SHA141b88cc42a07cc97594385404cd0196a183c2947
SHA256ef2f93fe5af5377d5a5bcf9bbcf687850c2602d850b8d7257d505b239fee2c6f
SHA51201a2e6138a60a953e73777705e2ba5836a20ca3d1e13c1cff004074b485cce371d98ef6fe8dded4dab99e0b435cf77aa19cef347ec81850d0e42efecc7c44908