General
Target: b63e3ccc1accb0fde3af7bcfbd0554d3.dll
Size: 1.4MB
Sample: 210226-96v6tzkcv2
MD5: b63e3ccc1accb0fde3af7bcfbd0554d3
SHA1: 6a6cf5af326f2ae625b97cb3658366d45608e6b9
SHA256: 0982c38ddad347ce0ff426106db78f3e51b723d7d90308a970ef43ef84fc8d75
SHA512: 51dfced4855cc288132e20879e8dc9c8626b6ea5ec71b9ded9be9ab01b8e77c3bdedc817dfde9a456aa957e32f8e9dac6c7640b86facd7429d549d3279ead17b
Static task: static1
Behavioral task: behavioral1
Sample: b63e3ccc1accb0fde3af7bcfbd0554d3.dll
Resource: win7v20201028
Malware Config
Extracted
icedid
3109461289
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger