Analysis
-
max time kernel
12s -
max time network
133s -
platform
windows10_x64 -
resource
win10v20210408 -
submitted
04-05-2021 18:46
Static task
static1
Behavioral task
behavioral1
Sample
pasteBorder.dll
Resource
win7v20210410
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
pasteBorder.dll
Resource
win10v20210408
windows10_x64
0 signatures
0 seconds
General
-
Target
pasteBorder.dll
-
Size
337KB
-
MD5
6ee6fcde80cbf4967885454cfcdf22a5
-
SHA1
c3b771ed998a4363e9eb00996c651bc560138503
-
SHA256
fa914c9914a9a663613c62467009adb9a283275863e0fd4a39b5e5e4f3a0f376
-
SHA512
3d6c61836704e7302232f324c0b9d47f412f346baca0b84fe1a885662f41d8e5bc3369c3e5cab21c21106aebf5ea59653807d5461d145b1c2005466bdc0d804b
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
3042509645
C2
barcafokliresd.top
Signatures
-
Processes:
resource yara_rule behavioral2/memory/604-114-0x0000000002770000-0x00000000027B6000-memory.dmp crime_win32_icedid_stage1 -
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
regsvr32.exepid process 604 regsvr32.exe 604 regsvr32.exe