424f3565b82da7f70bb8d86ea3a32b167efba9712800aff1e09466e4b0d4a209

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
24/04/2024, 04:25

Target

2024-04-24_e49ef0211ddd68d799b9d36d2a8fc6ef_icedid.exe
Size

269KB
MD5

e49ef0211ddd68d799b9d36d2a8fc6ef
SHA1

752e53a9416119357adab8f51315e32115be84ec
SHA256

424f3565b82da7f70bb8d86ea3a32b167efba9712800aff1e09466e4b0d4a209
SHA512

14526725a5acd11d4df61f90d61ed7327b7b4f4e6f8696f1eccf8eee33c80f0c6166ef5772a5634678fc8396b04df1f697f035e7a9987d2744b2078de97af0b1
SSDEEP

3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
1728	December.exe

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Platform\December.exe	2024-04-24_e49ef0211ddd68d799b9d36d2a8fc6ef_icedid.exe
File created	C:\Program Files\Platform\December.exe	2024-04-24_e49ef0211ddd68d799b9d36d2a8fc6ef_icedid.exe

Suspicious use of SetWindowsHookEx 8 IoCs

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4756 wrote to memory of 1728	4756	2024-04-24_e49ef0211ddd68d799b9d36d2a8fc6ef_icedid.exe	88
PID 4756 wrote to memory of 1728	4756	2024-04-24_e49ef0211ddd68d799b9d36d2a8fc6ef_icedid.exe	88
PID 4756 wrote to memory of 1728	4756	2024-04-24_e49ef0211ddd68d799b9d36d2a8fc6ef_icedid.exe	88

C:\Program Files\Platform\December.exe

Filesize
269KB

MD5
6761e13f351d3ff486c40d82d4c1bfff

SHA1
ad2bca72942077db4e673ef08011946368640cd3

SHA256
2ae322b263471b8c89f7f139b55b5b021323bf9bb3093e6f2cb879d3abe201ac

SHA512
034f754d246e2794e483749237e4bd89634c7fb398aef92517517cbd0922f1bc2237275e5b5abcbad3b10386195429e3676cc715671b175d7aadd649f185ea3c

Download Submit