Analysis
max time kernel: 130s
max time network: 131s
platform: windows7_x64
resource: win7v20201028
submitted: 09-04-2021 09:59
Static task: static1
Behavioral task: behavioral1
Sample: Kiod.hod.dll
Resource: win7v20201028
windows7_x64
0 signatures
0 seconds
General
Target: Kiod.hod.dll
Size: 64KB
MD5: d7b3fe762d53da6ea7028d1d48cb11f1
SHA1: e3ff87266aa56dd14e8f5fa70e44fe0539924079
SHA256: d1634c8dd16b4b1480065039fac62d6c1900692f0ccc9bf52c8ddc65599fbf3d
SHA512: 035e9a44e911a792762bdb5d58d341f4c03422f765a74d18998076b6dc7b4ac04a48a1133574fa1590cc797531a8961623923b175390e9bcb8900f844e7a9a34
Malware Config
Extracted
Family: icedid
Campaign: 2046050
C2: calldivorce.fun
Signatures
IcedID First Stage Loader (1 IoCs)
Processes:
resource: behavioral1/memory/780-61-0x0000000000140000-0x0000000000147000-memory.dmp
yara_rule: IcedidFirstLoader
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes:
regsvr32.exe
pid: 780, process: regsvr32.exe
pid: 780, process: regsvr32.exe