9d8c7343c8f8456dd6df11e50245697bb76d56f1b0b3262de2cef8afe7fe57bf

Analysis

max time kernel
138s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
22/05/2024, 20:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Size

1.7MB
MD5

06e9876e9a11c491ddcf6bcb090febb0
SHA1

d417c618f7863a996aa67dd6946052d5d304aab2
SHA256

9d8c7343c8f8456dd6df11e50245697bb76d56f1b0b3262de2cef8afe7fe57bf
SHA512

133de0a7b9540be1068a58600d568c6c0380da266d4f8bfd65efe998c44c40a7f4f69d400b65d94eb609b67522a614a0f7d48b908b88c7c7393c201e124bf03c
SSDEEP

24576:HBpPjWxjdn9aWZdiGZmQQ7fC41lzFdE6tISgIfS9cBI9urkcKiTz:nPjUjdfZdiGZwihSgUt2ukcKiT

Score

1^/10

Malware Config

Signatures

Modifies registry class 12 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Kotato.AllVideoPlayer.playlist	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Kotato.AllVideoPlayer.playlist\ = "Playlist"	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Kotato.AllVideoPlayer.playlist\shell\open\command	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Kotato.AllVideoPlayer.playlist\shell\open	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Kotato.AllVideoPlayer.playlist\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe\" \"%1\""	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\.playlist\ = "Kotato.AllVideoPlayer.playlist"	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\WOW6432Node\CLSID\{A322D32A-E4BE-436e-B16F-075AC620A5AB}	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Kotato.AllVideoPlayer.playlist\DefaultIcon	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Kotato.AllVideoPlayer.playlist\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe,1"	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\Kotato.AllVideoPlayer.playlist\shell	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\.playlist	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-540404634-651139247-2967210625-1000_Classes\WOW6432Node\CLSID\{A322D32A-E4BE-436e-B16F-075AC620A5AB}\ = 9d89bbb29c86d0aa9db0ccb09ccdbeccce86ccb29d8699b299af94cace86cbca99b091ae9d9695b199af959f9d9598cb9d86becf9b96bfabce86cbca9dbfc7cb98cccbca98cc999f9c968ccf9b968ccc9cbf99ae9db3bbd1ce86a79f9d96cbcb9d95c8b39bcc9d9f	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
4940	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
4940	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
4940	2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe

C:\Users\Admin\AppData\Local\Temp\2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe
"C:\Users\Admin\AppData\Local\Temp\2024-05-22_06e9876e9a11c491ddcf6bcb090febb0_icedid.exe"
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4940

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads