Overview

overview

10

Static

static

Kiod.hod.dll

windows7_x64

10

Kiod.hod.dll

windows10_x64

10

Analysis

  • max time kernel
    130s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    09-04-2021 09:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kiod.hod.dll

  • Size

    64KB

  • MD5

    d7b3fe762d53da6ea7028d1d48cb11f1

  • SHA1

    e3ff87266aa56dd14e8f5fa70e44fe0539924079

  • SHA256

    d1634c8dd16b4b1480065039fac62d6c1900692f0ccc9bf52c8ddc65599fbf3d

  • SHA512

    035e9a44e911a792762bdb5d58d341f4c03422f765a74d18998076b6dc7b4ac04a48a1133574fa1590cc797531a8961623923b175390e9bcb8900f844e7a9a34

Score
10/10
icedid2046050bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2046050

C2

calldivorce.fun

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • IcedID First Stage Loader 1 IoCs
    loader
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\Kiod.hod.dll
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:780

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/780-60-0x000007FEFBB61000-0x000007FEFBB63000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-61-0x0000000000140000-0x0000000000147000-memory.dmp
    Filesize

    28KB

    Download