Analysis
max time kernel: 121s
max time network: 126s
platform: windows10_x64
resource: win10v20210410
submitted: 06-05-2021 07:33
Static task: static1

Behavioral task: behavioral1
Sample: dbcfa46a6d9b1810a22cc3ffeb583d49.dll
Resource: win7v20210410 (windows7_x64)
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: dbcfa46a6d9b1810a22cc3ffeb583d49.dll
Resource: win10v20210410 (windows10_x64)
0 signatures
0 seconds
General
Target: dbcfa46a6d9b1810a22cc3ffeb583d49.dll
Size: 98KB
MD5: dbcfa46a6d9b1810a22cc3ffeb583d49
SHA1: d2f02cdb3204b32b4a0f4618ac48f2be92722828
SHA256: babaf02a2ea4c03e9ea2bb01475757c9e39f96f71a9d7a76e722c64c0107c333
SHA512: accf3cd48712db0f92729cb7e54e94f4e9635224c9049fd7c779246d847d983da8f6e86b6d031f0cf6cc650f73c89e75138010cc326fb31729105734fe90e48f
Score: 10/10
Malware Config
Extracted
Family: icedid
Campaign: 3717128962
C2: usaaforced.fun
Signatures

IcedID First Stage Loader (1 IoCs)
Processes:
resource: behavioral2/memory/3540-114-0x00000000001F0000-0x00000000001F7000-memory.dmp
yara_rule: IcedidFirstLoader

Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: regsvr32.exe
pid: 3540, process: regsvr32.exe
pid: 3540, process: regsvr32.exe
Downloads
memory/3540-114-0x00000000001F0000-0x00000000001F7000-memory.dmp
Filesize: 28KB