Analysis
Max time kernel: 17s
Max time network: 69s
Platform: windows10_x64
Resource: win10v20201028
Submitted: 24-03-2021 20:44
Static task: static1
Behavioral task: behavioral1
  Sample: d15fd8c40ec6cf42ae42ca9b2d070628d126934dc2358661784669224f922647.dll
  Resource: win7v20201028
  0 signatures, 0 seconds
Behavioral task: behavioral2
  Sample: d15fd8c40ec6cf42ae42ca9b2d070628d126934dc2358661784669224f922647.dll
  Resource: win10v20201028
  0 signatures, 0 seconds
General
Target: d15fd8c40ec6cf42ae42ca9b2d070628d126934dc2358661784669224f922647.dll
Size: 52KB
MD5: 08a5d2176830db1c0f79a43f8a7055c4
SHA1: ae6679c403b9d1976a49bf217695e7d129509090
SHA256: d15fd8c40ec6cf42ae42ca9b2d070628d126934dc2358661784669224f922647
SHA512: 7cee4b8744208a2faf75fe6fd00fc39df4409873992b314b08f998b1bae6dac1ae67eb1b4c93cb002e34222b31770685d57c3967d9a1dbdd19d3e85ce81b28d6
Score: 10/10
Malware Config
Extracted
  Family: icedid
  Campaign: 1211238709
  C2: feaser2347.club
Signatures
IcedID First Stage Loader (1 IoC)
  Resource: behavioral2/memory/1456-2-0x0000000001320000-0x0000000001327000-memory.dmp
  YARA rule: IcedidFirstLoader
Suspicious behavior: EnumeratesProcesses (2 IoCs)
  pid   process
  1456  regsvr32.exe
  1456  regsvr32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
  memory/1456-2-0x0000000001320000-0x0000000001327000-memory.dmp
  Filesize: 28KB
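The memory-dump name that the YARA hit and the Downloads entry share encodes the task, the PID of the regsvr32.exe host process, a sequence number and the dumped virtual address range, so the region size can be cross-checked against the reported file size (0x1327000 - 0x1320000 = 0x7000 bytes = 28 KiB). The following Python is an added example, not part of the sandbox report or its tooling: it parses that naming scheme, verifies the size against the report's "28KB", and folds the extracted config (family, campaign, C2) and the YARA rule name into one IOC record. The naming pattern is assumed from the single filename shown on this page.

```python
import re
from dataclasses import dataclass

# Assumed layout of the sandbox memory-dump resource name, inferred from the one
# example on the report: task/memory/PID-SEQ-0xSTART-0xEND-memory.dmp
MEMORY_DUMP_RE = re.compile(
    r"^(?P<task>[^/]+)/memory/(?P<pid>\d+)-(?P<seq>\d+)-"
    r"0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


@dataclass(frozen=True)
class MemoryDumpRef:
    task: str
    pid: int
    seq: int
    start: int  # start of the dumped region (inclusive)
    end: int    # end of the dumped region (exclusive)

    @property
    def size(self) -> int:
        return self.end - self.start


def parse_memory_dump_ref(name: str) -> MemoryDumpRef:
    """Parse a dump resource name; raise ValueError on anything that does not fit."""
    m = MEMORY_DUMP_RE.match(name.strip())
    if m is None:
        raise ValueError(f"not a sandbox memory dump name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"empty or inverted region in {name!r}")
    return MemoryDumpRef(m["task"], int(m["pid"]), int(m["seq"]), start, end)


def size_matches_report(ref: MemoryDumpRef, reported: str) -> bool:
    """Compare the address range with the report's Filesize string (e.g. '28KB').

    The report shows whole KiB, so compare on KiB.  A mismatch would mean the
    dump was truncated or a name and a download entry were mixed up.
    """
    m = re.fullmatch(r"\s*(\d+)\s*KB\s*", reported, re.IGNORECASE)
    if m is None:
        raise ValueError(f"unrecognised size string: {reported!r}")
    return ref.size // 1024 == int(m[1])


def ioc_record(ref: MemoryDumpRef, family: str, campaign: str, c2: str,
               yara_rule: str, process: str) -> dict:
    """Fold the extracted config and the YARA hit into one flat IOC record."""
    return {
        "family": family,
        "campaign": campaign,
        "c2": c2,
        "yara_rule": yara_rule,
        "process": process,
        "pid": ref.pid,
        "task": ref.task,
        "region": f"0x{ref.start:016X}-0x{ref.end:016X}",
        "region_size": ref.size,
    }


# Values copied from the report above.
REPORT_DUMP = "behavioral2/memory/1456-2-0x0000000001320000-0x0000000001327000-memory.dmp"
REPORT_DUMP_SIZE = "28KB"

if __name__ == "__main__":
    ref = parse_memory_dump_ref(REPORT_DUMP)
    print(ref, "size ok:", size_matches_report(ref, REPORT_DUMP_SIZE))
    print(ioc_record(ref, "icedid", "1211238709", "feaser2347.club",
                     "IcedidFirstLoader", "regsvr32.exe"))
```

The region is only 0x7000 bytes, consistent with a small first-stage loader unpacked into regsvr32.exe rather than the full 52KB DLL image; the record keeps the campaign ID and C2 together with the PID and task so the hit can be traced back to the exact dump when the YARA rule is re-run offline.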