Analysis
-
max time kernel
14s -
max time network
119s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
02-04-2021 09:24
Static task
static1
Behavioral task
behavioral1
Sample
83d80467c78e410aed296bd36186c6259040197c6956d.dll
Resource
win7v20201028
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
83d80467c78e410aed296bd36186c6259040197c6956d.dll
Resource
win10v20201028
0 signatures
0 seconds
General
-
Target
83d80467c78e410aed296bd36186c6259040197c6956d.dll
-
Size
199KB
-
MD5
00cd62df65b1c4455ce3f94bc9365f94
-
SHA1
3c1fe084b2e739a370465df891ecddb5587275b9
-
SHA256
83d80467c78e410aed296bd36186c6259040197c6956de58ad31f10652d1b844
-
SHA512
84ad82f4f87245392d01af5497a74f7bc0ab74a08853e8b75d893d9d71dc2a26f150861ae8b0fbe8ba160b0726b6f964252449b62df6aa97253bc0c3b2b3df3e
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
1584008337
C2
stoikoplot.xyz
Signatures
-
IcedID First Stage Loader 1 IoCs
Processes:
resource yara_rule
behavioral2/memory/4692-2-0x0000000000B20000-0x0000000000B27000-memory.dmp IcedidFirstLoader
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
regsvr32.exe
pid process
4692 regsvr32.exe
4692 regsvr32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/4692-2-0x0000000000B20000-0x0000000000B27000-memory.dmp
Filesize
28KB