Overview

overview

7

Static

static

3

2024-06-05...id.exe

windows7-x64

7

2024-06-05...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    99s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/06/2024, 12:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-06-05_18921f48ffc90bf22c520d2887d146e3_icedid.exe

  • Size

    278KB

  • MD5

    18921f48ffc90bf22c520d2887d146e3

  • SHA1

    e53b7ac71abc1dbf5782cf4728e9d80d497b1ecf

  • SHA256

    6f0a9c68f3ca3546a393775fe4cb1bf024b6fb6b18f85a1ee49fd6be254f8ce5

  • SHA512

    fae8d1271ad90ec587566af099e1332b0e15517972a824c4aebd1b2799c6fef0e38621e46787fd8bb3645d5e0fbc50d94b1637880b069b88d2c861c0faf80052

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-06-05_18921f48ffc90bf22c520d2887d146e3_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-06-05_18921f48ffc90bf22c520d2887d146e3_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4956
    • C:\Program Files\DirectSetup\Applications.exe
      "C:\Program Files\DirectSetup\Applications.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\DirectSetup\Applications.exe
    Filesize

    278KB

    MD5

    ce595dc7ce594569a78f2f270d663e10

    SHA1

    2decfc7ef0af99c38092fb37d371d06c0f435438

    SHA256

    725dc1b0e6abbc7bada2c1971dbe728496e13fdc76ac6e8443415a0a7619f3a8

    SHA512

    a665a81549986e80f28bd0370c5c285b519244f5ef2293b2e3c8a97977c7e26931dc4c7461fb83133db8dda0ecf9d9df92aae63adffb9bb188aaa3e9419810d8

    Download Submit