Analysis
max time kernel: 529s
max time network: 530s
platform: windows7_x64
resource: win7v20201028
submitted: 12-03-2021 18:16
Static task: static1
General
Target: f813c14c50fe621283850b968b386d0cf4031cd3c6a110af6cdb7dcb9e699101.exe.dll
Size: 153KB
MD5: a803c35fd7de84f8c5a3c0143e4afd84
SHA1: 9e9334fadb40fe49e2f9ddba6604df78eb9d8f3a
SHA256: f813c14c50fe621283850b968b386d0cf4031cd3c6a110af6cdb7dcb9e699101
SHA512: 3313bb47924a1afc82a947d55972e20caa33bcd096572bab6158682e8a3ee6c1878a1fd785fbc1e3a40b14a64e40a96ee3d32e3b078bbbf32a9f15fab3de579c
Malware Config (Extracted)
Family: icedid
Campaign: 162205677
C2: klicka2.online
Signatures

IcedID First Stage Loader (1 IoC)
Processes:
  resource: behavioral1/memory/804-3-0x0000000000590000-0x0000000000597000-memory.dmp
  yara_rule: IcedidFirstLoader

Processes:
  resource: behavioral1/memory/804-3-0x0000000000590000-0x0000000000597000-memory.dmp
  yara_rule: crime_win32_icedid_stage1

Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: regsvr32.exe
  pid  process
  804  regsvr32.exe
  804  regsvr32.exe