Analysis

  • max time kernel
    12s
  • max time network
    66s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    06-05-2021 19:24

General

  • Target

    tableClass.dll

  • Size

    41KB

  • MD5

    1500f4e9efa31170ffe28f42d8c46f72

  • SHA1

    2d0b8d30c774ea66327fd5362da4698a2ece2958

  • SHA256

    3154bdae601223ddab39cd8e4b08adebf51f924baa96118498bbc845795fefd1

  • SHA512

    fb3d9343744e7966cdea7d18ed48ea924457d37abe0beb08e7362aa049a1e054a78188663a0ba6aac6e038abd5bc0f622719406999e14cd1ae8626ea82e0a1db

Malware Config

Extracted

  • Family
    icedid
  • Campaign
    2941843931
  • C2
    dsedertyhuiokle.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\tableClass.dll
    • Suspicious behavior: EnumeratesProcesses
    PID:856

Network

MITRE ATT&CK Matrix


Downloads

  • memory/856-114-0x0000000000E30000-0x0000000000E7D000-memory.dmp
    Filesize

    308KB