Overview

overview

1

Static

static

1

2024-07-03...id.exe

windows7-x64

1

2024-07-03...id.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    03/07/2024, 05:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-07-03_7ac99f811a8f22c0af12aeb7cc2167b1_icedid.exe

  • Size

    10.5MB

  • MD5

    7ac99f811a8f22c0af12aeb7cc2167b1

  • SHA1

    0fe79f995cea52e4e03ae0af25ab40b5fc4f0af9

  • SHA256

    c997bae96ce06282ebbb5ce28d81c974f81f06b72b9bd336c237f9e8af6ded5a

  • SHA512

    9fc885cb62e4a68e792d2015a13b0ab6efc7333a26e998c3bdb1424e245858bdcf9f693c7bf1257ec7081399ec55691a7d180873b8eaf8717afd10466cea00c2

  • SSDEEP

    196608:W5LgZ6Rjydq7vtH+MZbhgvk6BEFvVL0Yh4HSwkiC8CtHsVGyq22Sm0mOE2Ei:v6RjyI7vYMZbh6k6BsdLhxwkif2HwzqQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-07-03_7ac99f811a8f22c0af12aeb7cc2167b1_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-07-03_7ac99f811a8f22c0af12aeb7cc2167b1_icedid.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2368

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\qiyi_install.ini
          Filesize

          41KB

          MD5

          79da78e2378b09c988b8a5eb2ba7f7ef

          SHA1

          5eaa5b463cd109ed28e3a209d3e7ee7029ef76c0

          SHA256

          b179f52e9c89baf808c617db0d43eb7cab5725d725240100d346fb62c56982a4

          SHA512

          411a8eb27bdecbfe8c588d5b599a4adec4caa222a2033675548f436678963d47a16ad054c30ecc9d3a8e95d1538f74a51f137921e88e68684fe401bb7aa01c9e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\qiyi_install.ini
          Filesize

          41KB

          MD5

          38247e4a3fd5a732b1843375288e17c5

          SHA1

          087ba29294b2f68b7efa00d41001a397018046d9

          SHA256

          37c823ea1dc472f5a3ee4bcee5375e41ec91840c1833636427b0cff5e8d23656

          SHA512

          8dd781e8a460d69ddecbebcb32acfb608bd1d8bf52bf245e5f795f3c4423a022719c8735c782a86fee313b1cfa62dc4b88d7c7f900d841962f281c8ca5a3fc6c

          Download Submit