Analysis
max time kernel
130s
max time network
130s
platform
windows7_x64
resource
win7v20201028
submitted
24-03-2021 22:33
Static task
static1
Behavioral task
behavioral1
Sample
44279.9050265046.dat.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
44279.9050265046.dat.dll
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target
44279.9050265046.dat.dll
Size
52KB
MD5
648d283a4d67ed886b4e8749c4850e45
SHA1
64ab0ae64f2483ee474e38d74c196011d66c92b4
SHA256
bb13c30268b162e5328dfedaa18689802cd23b1781a991a0902f936b76fa1d3d
SHA512
07dc2b0eccaa7ecf6aaef761a1754ef7e4d1316567b62f32547c3bbaae68cc4b18e94e7c966be51d8c170699268690830e52be57dcabb802649a86fb4c314d89
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
1211238709
C2
feaser2347.club
Signatures
IcedID First Stage Loader 1 IoCs
Processes:
resource: behavioral1/memory/1684-3-0x00000000002B0000-0x00000000002B7000-memory.dmp
yara_rule: IcedidFirstLoader
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
regsvr32.exe
pid: 1684, process: regsvr32.exe
pid: 1684, process: regsvr32.exe