Analysis
max time kernel
3s
max time network
11s
platform
windows7_x64
resource
win7v20201028
submitted
24-03-2021 18:23
Static task
static1
Behavioral task
behavioral1
Sample
9be5f9b38fed4880518cea4308b4f161.dll
Resource
win7v20201028
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
9be5f9b38fed4880518cea4308b4f161.dll
Resource
win10v20201028
0 signatures
0 seconds
General
Target
9be5f9b38fed4880518cea4308b4f161.dll
Size
79KB
MD5
9be5f9b38fed4880518cea4308b4f161
SHA1
b5bd657f03c0c0384d8ff9d5e04d4f309a5e2ed7
SHA256
7ba3ba6ff43011c0dc6ed40ae596cbed4bbfc205f9ae3ca6e473d5cd4b2f8f17
SHA512
1edcfba11c27af633716cb11d0581ec18d47d69ec791ef51a34be4e3ff2b7a7e1cf80a0ec1bf9c6ee1d402f4e12ed191441828d92dae036d902441354cbf9f33
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
1211238709
C2
912caporers.fun
Signatures
IcedID First Stage Loader 1 IoCs
Processes:
resource
behavioral1/memory/1904-3-0x0000000000130000-0x0000000000137000-memory.dmp
yara_rule
IcedidFirstLoader
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
regsvr32.exe
pid process
1904 regsvr32.exe
1904 regsvr32.exe