Analysis
-
max time kernel
147s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
submitted
15-05-2024 22:15
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-15_f7733b8d84aefe3c2c47ddf2bfa3f530_bkransomware_icedid.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-15_f7733b8d84aefe3c2c47ddf2bfa3f530_bkransomware_icedid.exe
Resource
win10v2004-20240508-en
General
-
Target
2024-05-15_f7733b8d84aefe3c2c47ddf2bfa3f530_bkransomware_icedid.exe
-
Size
1020KB
-
MD5
f7733b8d84aefe3c2c47ddf2bfa3f530
-
SHA1
7f6c28b759e80bda8efa867667b18ffb7f1c9916
-
SHA256
033a09f420b5d6e45662cfb397215976a39624ea86e013413f9201043c139a6a
-
SHA512
c65a5d81d772653f8a1360a5efe4920787bd220f782a9dff97639e883d0dd433400bba68fc0db8322fed364636e36731c50d0fbb8b5634bfb4d7944186da4996
-
SSDEEP
12288:c1jffwkovHPGD9hdS7RKZk0ZpuaXeITRC9aYHmrgG9ahmADWmTSCVBFuy0QcNOX5:cBffwkovAo7c2CESqGrgxmMrBFbtlP
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exe
pid: 4560
pid_target: 3436
process: WerFault.exe
target process: 2024-05-15_f7733b8d84aefe3c2c47ddf2bfa3f530_bkransomware_icedid.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-15_f7733b8d84aefe3c2c47ddf2bfa3f530_bkransomware_icedid.exe
"C:\Users\Admin\AppData\Local\Temp\2024-05-15_f7733b8d84aefe3c2c47ddf2bfa3f530_bkransomware_icedid.exe"
PID:3436
-
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3436 -s 532
- Program crash
PID:4560
-
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3436 -ip 3436
PID:1684