Analysis
max time kernel: 4s
max time network: 9s
platform: windows7_x64
resource: win7v20201028
submitted: 24-03-2021 17:44
Static task: static1
Behavioral task: behavioral1
Sample: ed3a24dd16bc02038d4f1d52f6404c185b6779053f0159854fea91439088d69e.dll
Resource: win7v20201028 (windows7_x64)
0 signatures, 0 seconds
Behavioral task: behavioral2
Sample: ed3a24dd16bc02038d4f1d52f6404c185b6779053f0159854fea91439088d69e.dll
Resource: win10v20201028 (windows10_x64)
0 signatures, 0 seconds
General
Target: ed3a24dd16bc02038d4f1d52f6404c185b6779053f0159854fea91439088d69e.dll
Size: 79KB
MD5: 1174aa272e7176ab4df8bb35d01cc0c2
SHA1: 3c2067feb12578c8a11ca87865a85d69515f2144
SHA256: ed3a24dd16bc02038d4f1d52f6404c185b6779053f0159854fea91439088d69e
SHA512: 5af1b8f3eb41b65dbac6e153746fa3228c019ddc62e9337c0bbc8413244e5cd843122cd8a092b0534ef366c405f5f1fbaaf9394d709eabc5fd0b2cd5e50f5475
Score: 10/10
Malware Config (extracted)
Family: icedid
Campaign: 1211238709
C2: 912caporers.fun
Signatures
IcedID First Stage Loader (1 IoC)
Processes:
resource: behavioral1/memory/776-3-0x0000000000140000-0x0000000000147000-memory.dmp
yara_rule: IcedidFirstLoader
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes:
pid process
776 regsvr32.exe
776 regsvr32.exe