Analysis
max time kernel: 121s
max time network: 122s
platform: windows10_x64
resource: win10v20201028
submitted: 09-04-2021 09:59
Static task: static1
Behavioral task: behavioral1
Sample: Kiod.hod.dll
Resource: win7v20201028 (windows7_x64)
0 signatures, 0 seconds
General
Target: Kiod.hod.dll
Size: 64KB
MD5: d7b3fe762d53da6ea7028d1d48cb11f1
SHA1: e3ff87266aa56dd14e8f5fa70e44fe0539924079
SHA256: d1634c8dd16b4b1480065039fac62d6c1900692f0ccc9bf52c8ddc65599fbf3d
SHA512: 035e9a44e911a792762bdb5d58d341f4c03422f765a74d18998076b6dc7b4ac04a48a1133574fa1590cc797531a8961623923b175390e9bcb8900f844e7a9a34
Malware Config
Extracted
Family: icedid
Campaign: 2046050
C2: calldivorce.fun
Signatures
IcedID First Stage Loader (1 IoC)
Processes:
resource: behavioral2/memory/4772-114-0x00000000021C0000-0x00000000021C7000-memory.dmp
yara_rule: IcedidFirstLoader
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes:
description: regsvr32.exe
pid: 4772, process: regsvr32.exe
pid: 4772, process: regsvr32.exe
Downloads
memory/4772-114-0x00000000021C0000-0x00000000021C7000-memory.dmp
Filesize: 28KB