Analysis

  • max time kernel
    5s
  • max time network
    8s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    06-05-2021 19:36

General

  • Target

    3154bdae601223ddab39cd8e4b08adebf51f924baa96118498bbc845795fefd1.dll

  • Size

    41KB

  • MD5

    1500f4e9efa31170ffe28f42d8c46f72

  • SHA1

    2d0b8d30c774ea66327fd5362da4698a2ece2958

  • SHA256

    3154bdae601223ddab39cd8e4b08adebf51f924baa96118498bbc845795fefd1

  • SHA512

    fb3d9343744e7966cdea7d18ed48ea924457d37abe0beb08e7362aa049a1e054a78188663a0ba6aac6e038abd5bc0f622719406999e14cd1ae8626ea82e0a1db

Malware Config

Extracted

Family

icedid

Campaign

2941843931

C2

dsedertyhuiokle.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\3154bdae601223ddab39cd8e4b08adebf51f924baa96118498bbc845795fefd1.dll
    • Suspicious behavior: EnumeratesProcesses
    PID:1668

Network

MITRE ATT&CK Matrix


Downloads

  • memory/1668-60-0x000007FEFC2E1000-0x000007FEFC2E3000-memory.dmp
    Filesize

    8KB

  • memory/1668-61-0x00000000001B0000-0x00000000001FD000-memory.dmp
    Filesize

    308KB