f12edcc2e34808aadd18fd72e4f8808cea25f3a1ed10efc37cc6ad0d35ac4332

Analysis

max time kernel
51s
max time network
52s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
30/06/2024, 00:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Size

1.7MB
MD5

9ad4f3dab264062180dad0e0f1bc2ef3
SHA1

a9c9e770c9b0024917fbaaee069ebb448afccaa4
SHA256

f12edcc2e34808aadd18fd72e4f8808cea25f3a1ed10efc37cc6ad0d35ac4332
SHA512

3cf2679b41eaf1e75a0c5e98aa834869ac8d08993e00619d826451479ae520466efd2768368f2542c89042c3510e227b290ec7fcbe921c2826595581731cfab6
SSDEEP

24576:ikKUWj+Ml4tyYOQ1dKy1lzF6E6YY5nLciWxJrztS0WOleTdF:RK1j+7tyYfzO5nQt5M0WOleTD

Score

1^/10

Malware Config

Signatures

Modifies registry class 12 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\.playlist	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\WOW6432Node\CLSID\{758D2268-26E1-46eb-91EE-2968C83F08CF}\ = 9d89bbb29c86d0aa9db0ccb09ccdbeccce86ccb29d8699b299af94cace86cbca98cd94cc9b969daf9c96d09f9d9598cb9d86becf9b96bfabce86cbca9dafc8af9db09ccc9bcdcc9f9c968ccf9b968ccc9cbf99ae9db3bbd1ce86a79f9d96cbcb9d95c8b39bcc9d9f	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Kotato.AllVideoPlayer.playlist	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Kotato.AllVideoPlayer.playlist\ = "Playlist"	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Kotato.AllVideoPlayer.playlist\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe,1"	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Kotato.AllVideoPlayer.playlist\shell\open	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\.playlist\ = "Kotato.AllVideoPlayer.playlist"	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\WOW6432Node\CLSID\{758D2268-26E1-46eb-91EE-2968C83F08CF}	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Kotato.AllVideoPlayer.playlist\DefaultIcon	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Kotato.AllVideoPlayer.playlist\shell\open\command	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Key created	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Kotato.AllVideoPlayer.playlist\shell	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Kotato.AllVideoPlayer.playlist\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe\" \"%1\""	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
4412	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
4412	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
4412	2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe

C:\Users\Admin\AppData\Local\Temp\2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe
"C:\Users\Admin\AppData\Local\Temp\2024-06-30_9ad4f3dab264062180dad0e0f1bc2ef3_icedid.exe"
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4412

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads