Analysis
max time kernel: 130s
max time network: 131s
platform: windows7_x64
resource: win7v20201028
submitted: 25-03-2021 11:08
Static task: static1
Behavioral task: behavioral1
Sample: d72d6ddcbdf401c1b05da01824aabd92.dll
Resource: win7v20201028 (windows7_x64)
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: d72d6ddcbdf401c1b05da01824aabd92.dll
Resource: win10v20201028 (windows10_x64)
0 signatures
0 seconds
General
Target: d72d6ddcbdf401c1b05da01824aabd92.dll
Size: 52KB
MD5: d72d6ddcbdf401c1b05da01824aabd92
SHA1: 21405e03bb9a929672d53c68b0d6d2facf24d394
SHA256: f6ea31d1b674431a77384e8e84b15522055fc9c90fe7ca7e1f666d447277af41
SHA512: f8cca66fdacba29d0ed3e315617c92400ddff902ec6a72262467394c9c6659cdd797ad43e20e47527522751b430a76a2f2ad12a4bff49a7ea76d781a0f88bd05
Score: 10/10
Malware Config
Extracted
Family: icedid
Campaign: 1211238709
C2: feaser2347.club
Signatures
IcedID First Stage Loader 1 IoCs
Processes:
resource: behavioral1/memory/744-3-0x00000000001B0000-0x00000000001B7000-memory.dmp
yara_rule: IcedidFirstLoader
Processes:
resource: behavioral1/memory/744-3-0x00000000001B0000-0x00000000001B7000-memory.dmp
yara_rule: crime_win32_icedid_stage1
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
regsvr32.exe
pid  process
744  regsvr32.exe
744  regsvr32.exe