Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09-10-2024 04:27

General

  • Target

    2024-10-09_25b705489325ca2a3179402687e3ecfe_bkransomware_icedid.exe

  • Size

    2.8MB

  • MD5

    25b705489325ca2a3179402687e3ecfe

  • SHA1

    2a8b229baa71cd500f0bbf5f0fe5aed95bc82083

  • SHA256

    5bc7606a453211435b294a9843d85ab58f747eacc0e16faa48ab57212d3cdca3

  • SHA512

    4237b36f396bef641ae95a710fd6303d9c52985040aab35b0b02e45f176d973e1fb0c38928a925247a92c8ed9d9898532ea600d8162c0ad63395034046eba74c

  • SSDEEP

    49152:Ze/6TJT0uQXa+6DokMm/lwH+vQStNdEwfQisgxoy34Z1y/iHkt2r4PRSEk1ul:Z86TJT0uKalokMm/lwe7dEwfQisgxoyH

Score
10/10

Malware Config

Signatures

  • Detects Strela Stealer payload 2 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-10-09_25b705489325ca2a3179402687e3ecfe_bkransomware_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-10-09_25b705489325ca2a3179402687e3ecfe_bkransomware_icedid.exe"
    PID: 3732

Network

MITRE ATT&CK Matrix


Downloads

  • memory/3732-0-0x0000000000400000-0x00000000006DA000-memory.dmp

    Filesize

    2.9MB

  • memory/3732-1-0x0000000000400000-0x00000000006DA000-memory.dmp

    Filesize

    2.9MB