Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    15/05/2024, 04:50

General

  • Target

    2024-05-15_397c7907f83a7e8b0598baeba51b571c_icedid.exe

  • Size

    380KB

  • MD5

    397c7907f83a7e8b0598baeba51b571c

  • SHA1

    20f5c7c885e8f48cf8dde201917d694268f987ba

  • SHA256

    8fa36c658f5d8d03815dcff63d14d87716293a11b31c4c5f4413778aecd7c359

  • SHA512

    2cb77b0ffdacf09e3af7bbbbd8a223651762f1deb808aee840fbb0a2d92250c5a205bd5f586e96d04e2490198f05474d20a1d47728ef0e7d0e104d1518e6284c

  • SSDEEP

    6144:kplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:kplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-05-15_397c7907f83a7e8b0598baeba51b571c_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-05-15_397c7907f83a7e8b0598baeba51b571c_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4848
    • C:\Program Files\points\root.exe
      "C:\Program Files\points\root.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:916

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Program Files\points\root.exe

    Filesize

    380KB

    MD5

    58fb868e7ebaf82496df56e598918c9b

    SHA1

    eccc39b93120c9a11960b3a771af6c92cbaea74c

    SHA256

    70c0b39ba397f94e1b67a7435ed27bf91ff135b35190cbae512be4a1cdf166dc

    SHA512

    84b96b0875c58cee428c7dce0f6b356997ea9149c56293bf43689d63eaa6c1cf108b4c2d0a5551536cfa87e2c42c62bd5b33d8ff7b9ac1ed4c02d0c1d12f77c1