Analysis
-
max time kernel
147s -
max time network
22s -
platform
windows7_x64 -
resource
win7v20201028 -
submitted
14-11-2020 18:13
General
-
Target
9d469a4a0f0878719e7f2677c8e98b4befc2a2948dce529a9ea9ec427b13cbe2.exe
-
Size
667KB
-
MD5
59f93787ec27a6cb7db86a0d7b345c2a
-
SHA1
0099c1410b56bc9861fce9c6df7ca06505ad0255
-
SHA256
9d469a4a0f0878719e7f2677c8e98b4befc2a2948dce529a9ea9ec427b13cbe2
-
SHA512
497e344b3eeca70a9aeb4eb5435ccf8634f5ac45e9e02b24e4196fa355f40e66a6681be57505ebab6c0cdc65ef242882f77fc295b7baeda231825ffba27b1ecf
Score
10/10
Malware Config
Extracted
Family
icedid
C2
kostacardsplayer.pro
kostafootball.info
countrylandlords.info
landiscloudlord.red
Signatures
-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
IcedID Second Stage Loader 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\9d469a4a0f0878719e7f2677c8e98b4befc2a2948dce529a9ea9ec427b13cbe2.exe"C:\Users\Admin\AppData\Local\Temp\9d469a4a0f0878719e7f2677c8e98b4befc2a2948dce529a9ea9ec427b13cbe2.exe"1⤵
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1876-0-0x0000000000250000-0x0000000000255000-memory.dmpFilesize
20KB