Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
22-05-2024 03:43
General
-
Target
2024-05-22_08d2d3c5a9298a746179e0b4475e8ee7_icedid.exe
-
Size
288KB
-
MD5
08d2d3c5a9298a746179e0b4475e8ee7
-
SHA1
9050a091b5c13104f29d5bb286b89e653efd2065
-
SHA256
f17537d2110e90fb8d884f308b72b97973ebc1dcefc5a3abb138657d31c14914
-
SHA512
fe816c3037b8bd99606b7b230250800e33d14c6f4d8525fb55e0db0947eb935978e6f4d6123d0e6fda735ec0223f681e65f86fd1dfe6dd92f286e1ac1bc076f2
-
SSDEEP
3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-05-22_08d2d3c5a9298a746179e0b4475e8ee7_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-05-22_08d2d3c5a9298a746179e0b4475e8ee7_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\.exe"C:\Program Files\\.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
289KB
MD5106ca4a30ce141e9a9244025a99b3866
SHA1e76c8ab6a74996682cc456641e123228f720a018
SHA256f3433154dab16cb24e92c783f49f0b5aa65ca419a75029b49b1d948159c49ab2
SHA5122577981b2c5821ff0ba52b32a132a920f38c793ea76388cc812efad4cec8d20b44202153fb2c5f9d141d3cdcaf28e4cda8b57830e1d3a5f4d5b2b5ed88a0a50f