0796bc3b492e5ae388f842b73dfc36a68c0b482d4347cf0448db13f91e6bedbb

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 01:01

Target

2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe
Size

289KB
MD5

fefe9118ac096b5300fbf413ebd47ce2
SHA1

5c290118ebea9124b6bb0538860d97649060f294
SHA256

0796bc3b492e5ae388f842b73dfc36a68c0b482d4347cf0448db13f91e6bedbb
SHA512

00af6bf8ee84179fedac27e3cd89c2821460afddf8236de93e65f9ec33c347ef8baa48cfd0092ab84b3b9bb829e0279c5b5c7e09bb9f56c723432b04cf6c0b2e
SSDEEP

3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x

Score

7^/10

Executes dropped EXE 1 IoCs

Processes:

match.exe

pid process

2092 match.exe
Loads dropped DLL 2 IoCs

Processes:

2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe

pid process

3012 2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe
3012 2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe

pid	process
2092	match.exe

Drops file in Program Files directory 2 IoCs

Processes:

2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe

description	ioc	process
File created	C:\Program Files\build\match.exe	2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe
File opened for modification	C:\Program Files\build\match.exe	2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe

Suspicious use of SetWindowsHookEx 8 IoCs

Processes:

2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exematch.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe

description	pid	process	target process
PID 3012 wrote to memory of 2092	3012	2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe	match.exe
PID 3012 wrote to memory of 2092	3012	2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe	match.exe
PID 3012 wrote to memory of 2092	3012	2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe	match.exe
PID 3012 wrote to memory of 2092	3012	2024-05-23_fefe9118ac096b5300fbf413ebd47ce2_icedid.exe	match.exe

\Program Files\build\match.exe

Filesize
289KB

MD5
175829962ce70ea95a7792c769a3ee8c

SHA1
70bfd71d98587dd36200eaea79f1d0382ad5f4c5

SHA256
6d1f7a02431c5138b9b4ef7bdf18c8e0f6b16704891f72225c45958220cb4fb5

SHA512
9674cd35b4e132a0bb78e181672992f40c625060d0b68099c371bc1d8f7eae796fe1d30144efe1dadc3eb6c3c419c9d54e25a654327415ad5c19beca532df28c

Download Submit