Analysis
max time kernel
10s
max time network
111s
platform
windows10_x64
resource
win10v20201028
submitted
24-03-2021 21:08
Static task
static1
Behavioral task
behavioral1
Sample
016c995af9db34ffee6943ef109be66b.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
016c995af9db34ffee6943ef109be66b.dll
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target
016c995af9db34ffee6943ef109be66b.dll
Size
52KB
MD5
016c995af9db34ffee6943ef109be66b
SHA1
4b75e62ba5e83f65f9e0620e19b18b34efcb7395
SHA256
f5f3906100524a7a0f4d49efec731a17bc7c4630b8a70299a09c24b6aec2c65f
SHA512
eabd41c3e10d128fe48386a0f5c4af65bd6cdeaaed1fc4dd249687c80151b86924a80f68d7583d226622ddade52c304495b80b5490e518cd78f09116f3b7db1c
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
1211238709
C2
feaser2347.club
Signatures
IcedID First Stage Loader 1 IoCs
Processes:
resource
behavioral2/memory/1048-2-0x00000000012F0000-0x00000000012F7000-memory.dmp
yara_rule
IcedidFirstLoader
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
regsvr32.exe
pid process
1048 regsvr32.exe
1048 regsvr32.exe
Downloads
memory/1048-2-0x00000000012F0000-0x00000000012F7000-memory.dmp
Filesize
28KB