Analysis
max time kernel: 150s
max time network: 152s
platform: windows7_x64
resource: win7v20201028
submitted: 24-03-2021 21:15
Static task: static1
Behavioral task: behavioral1
Sample: f5f3906100524a7a0f4d49efec731a17bc7c4630b8a70299a09c24b6aec2c65f.dll
Resource: win7v20201028, windows7_x64
0 signatures, 0 seconds
Behavioral task: behavioral2
Sample: f5f3906100524a7a0f4d49efec731a17bc7c4630b8a70299a09c24b6aec2c65f.dll
Resource: win10v20201028, windows10_x64
0 signatures, 0 seconds
General
Target: f5f3906100524a7a0f4d49efec731a17bc7c4630b8a70299a09c24b6aec2c65f.dll
Size: 52KB
MD5: 016c995af9db34ffee6943ef109be66b
SHA1: 4b75e62ba5e83f65f9e0620e19b18b34efcb7395
SHA256: f5f3906100524a7a0f4d49efec731a17bc7c4630b8a70299a09c24b6aec2c65f
SHA512: eabd41c3e10d128fe48386a0f5c4af65bd6cdeaaed1fc4dd249687c80151b86924a80f68d7583d226622ddade52c304495b80b5490e518cd78f09116f3b7db1c
Score: 10/10
Malware Config
Extracted
Family: icedid
Campaign: 1211238709
C2: feaser2347.club
Signatures
IcedID First Stage Loader 1 IoCs
Processes:
resource: behavioral1/memory/1944-3-0x0000000000130000-0x0000000000137000-memory.dmp
yara_rule: IcedidFirstLoader
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
regsvr32.exe
pid: 1944, process: regsvr32.exe
pid: 1944, process: regsvr32.exe