Analysis
-
max time kernel
4s -
max time network
8s -
platform
windows7_x64 -
resource
win7v20210410 -
submitted
30-04-2021 16:49
Static task
static1
Behavioral task
behavioral1
Sample
valuePasteList.dll
Resource
win7v20210410
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
valuePasteList.dll
Resource
win10v20210408
windows10_x64
0 signatures
0 seconds
General
-
Target
valuePasteList.dll
-
Size
57KB
-
MD5
d9ab20b129af3b50e9fd72e87025cebb
-
SHA1
07abe3a40d3ce2dab5c4ab51e57469cb79c90ce1
-
SHA256
e6c7dd630e76632a770ec761bfdedca0e7cd0e1a05f2f74d7377d1784536726c
-
SHA512
c2175e061b7b8da53c34e6295e5eb4b6598d341ab0b21bdde86a5be19581145998e8aed8cb17622044f54c94f1256ac7e90fa21481c647360c69ed3fac73227c
Score
9/10
Malware Config
Signatures
-
Processes:
resource yara_rule behavioral1/memory/2000-61-0x0000000001D50000-0x0000000001DA4000-memory.dmp crime_win32_icedid_stage1 -
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
regsvr32.exepid process 2000 regsvr32.exe 2000 regsvr32.exe