Analysis
max time kernel: 131s
max time network: 129s
platform: windows7_x64
resource: win7v20201028
submitted: 24-03-2021 22:16
Static task: static1

Behavioral task: behavioral1
Sample: 0be20197536de0c1f34b289b1012add4f7fd06926f80947559fcf26b6edef39b.dll
Resource: win7v20201028, windows7_x64
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: 0be20197536de0c1f34b289b1012add4f7fd06926f80947559fcf26b6edef39b.dll
Resource: win10v20201028, windows10_x64
0 signatures, 0 seconds
General
Target: 0be20197536de0c1f34b289b1012add4f7fd06926f80947559fcf26b6edef39b.dll
Size: 52KB
MD5: 8e9f482f5123c7eef5de4ab08d2f7a9e
SHA1: 7fce3fe79bbb381079bcfa07990b4dabc018cf7c
SHA256: 0be20197536de0c1f34b289b1012add4f7fd06926f80947559fcf26b6edef39b
SHA512: 8558af53e04dd31b9fa6d5f764c52e34c21745d9716483df290a773044048203f530f3a49ffc3f1f1e9697daf94fc1ebdad55409ba8db43277d4dbe25f637538
Score: 10/10
Malware Config
Extracted
Family: icedid
Campaign: 1211238709
C2: feaser2347.club
Signatures

IcedID First Stage Loader (1 IoCs)
Processes:
resource: behavioral1/memory/1152-3-0x00000000000C0000-0x00000000000C7000-memory.dmp
yara_rule: IcedidFirstLoader

Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: regsvr32.exe
pid: 1152, process: regsvr32.exe
pid: 1152, process: regsvr32.exe