Analysis

  • max time kernel
    128s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    15-11-2020 23:04

General

  • Target

    8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f.exe

  • Size

    325KB

  • MD5

    c1b3ab21e5cc5de7a187772374f3c051

  • SHA1

    0b7bcf6b9c0f4b1d6c01f606e61c53a736bcccb2

  • SHA256

    8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f

  • SHA512

    0a9c44fbac0a68e969467090727ee2846ea850df02603b9468a9353ff28119fc31108df2a9d8d3bcd8f3726ad16cbf233d9b9543205a4e441f84da9e02c61c53

Score
10/10

Malware Config

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • IcedID Core Payload 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f.exe
    "C:\Users\Admin\AppData\Local\Temp\8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f.exe"
    PID:1068

Network

MITRE ATT&CK Matrix


Downloads

  • memory/1068-0-0x0000000003090000-0x0000000003136000-memory.dmp
    Filesize
    664KB