Analysis
max time kernel: 4s
max time network: 8s
platform: windows7_x64
resource: win7v20201028
submitted: 17-03-2021 13:32

Static task: static1
Behavioral task: behavioral1
Sample: summer.dll
Resource: win7v20201028 (windows7_x64)
0 signatures
0 seconds
General
Target: summer.dll
Size: 43KB
MD5: 0c72ab9a9056aa37eaca9d0be5ee30cf
SHA1: 061fe160f7b96da8f01b245425a56a9792605ed6
SHA256: b3791ea2bce069a6a17d518c6b62e08273a0f7bcdc023536a71af7210722cccc
SHA512: 3262e3d43bcec777447b822fc57a202b6b10818b7d2b7c7d75ea6ab900cf8ef9733b09d6fe9fe9e206aa8a371b35cd4d480d84dce072a058dedb71f01de85730
Score: 10/10
Malware Config
Extracted
Family: icedid
Campaign: 3557290534
C2: 33nachoscocso.website
Signatures
IcedID First Stage Loader (1 IoCs)
Processes:
resource: behavioral1/memory/1724-3-0x00000000001B0000-0x00000000001B7000-memory.dmp
yara_rule: IcedidFirstLoader
Processes:
resource: behavioral1/memory/1724-3-0x00000000001B0000-0x00000000001B7000-memory.dmp
yara_rule: crime_win32_icedid_stage1
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: regsvr32.exe
pid process
1724 regsvr32.exe
1724 regsvr32.exe