Analysis
- max time kernel: 149s
- max time network: 153s
- platform: windows10-2004_x64
- resource: win10v2004-20240426-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 31/05/2024, 09:33
Static task: static1
Behavioral task: behavioral1
- Sample: 2024-05-31_4b6c7f6a5768e53e967f4d9eb5dadf37_bkransomware_icedid.exe
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: 2024-05-31_4b6c7f6a5768e53e967f4d9eb5dadf37_bkransomware_icedid.exe
- Resource: win10v2004-20240426-en
General
- Target: 2024-05-31_4b6c7f6a5768e53e967f4d9eb5dadf37_bkransomware_icedid.exe
- Size: 1016KB
- MD5: 4b6c7f6a5768e53e967f4d9eb5dadf37
- SHA1: 3f6aab95a15430b33ef0cb7f1543acf9b5fcbc64
- SHA256: a3812b081d38779dffdf0bf372ffc2bfcaf95e73d19a201439d3d1df2639cedb
- SHA512: 83f36e5e132ac683157795c484828dfb61a478503f5f5ba58ae224f552ee87ac029467dc9ea799dae1157992b0e7c23ccf283812ade38421e948377c0aed78e5
- SSDEEP: 12288:IyiP4NKFqoxWAB0bJXDAReMWHD5QlA6WkO0fI2uBafNaMiHWYJpR4Is/8qAuHXq:NE4NKFqh3zAGHF8u0Ukafj9qb3q
Malware Config
Signatures
- Program crash (1 IoCs)
  pid     pid_target   Process        procid_target
  4656    3136         WerFault.exe   80
Processes
- C:\Users\Admin\AppData\Local\Temp\2024-05-31_4b6c7f6a5768e53e967f4d9eb5dadf37_bkransomware_icedid.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\2024-05-31_4b6c7f6a5768e53e967f4d9eb5dadf37_bkransomware_icedid.exe"
  PID: 3136
  - C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 3136 -s 532
    Signature: Program crash
    PID: 4656
- C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3136 -ip 3136
  PID: 4388