Analysis
max time kernel: 123s
max time network: 62s
platform: windows7_x64
resource: win7v20201028
submitted: 24-03-2021 17:46
Static task: static1

Behavioral task: behavioral1
Sample: f3ab9c6d12a8c0dcefa9d971249b757cd4d36aa2faca0299469204fd0ede7494.dll
Resource: win7v20201028 (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: f3ab9c6d12a8c0dcefa9d971249b757cd4d36aa2faca0299469204fd0ede7494.dll
Resource: win10v20201028 (windows10_x64)
0 signatures, 0 seconds
General
Target: f3ab9c6d12a8c0dcefa9d971249b757cd4d36aa2faca0299469204fd0ede7494.dll
Size: 66KB
MD5: efbc717d266383ff655e917a2dc29882
SHA1: 102c35d5029c66768285086242893eec836f792c
SHA256: f3ab9c6d12a8c0dcefa9d971249b757cd4d36aa2faca0299469204fd0ede7494
SHA512: 0b44f17c88a3c21e0923c6d59abba44e88619214ae50089639917a0ea7e4a23e4889c77c67699f6c725c55bba2d580d431a3af40e4f95e7b5f06126974f33d11
Score: 10/10
Malware Config (Extracted)
Family: icedid
Campaign: 3683573724
C2: 24savetonnofmaoney.xyz
Signatures

IcedID First Stage Loader (1 IoCs)
Processes:
resource: behavioral1/memory/292-3-0x0000000000150000-0x0000000000157000-memory.dmp
yara_rule: IcedidFirstLoader

Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: regsvr32.exe
pid 292, process regsvr32.exe
pid 292, process regsvr32.exe