Analysis

Max time kernel: 6s
Max time network: 11s
Platform: windows7_x64
Resource: win7v20210408
Submitted: 06-05-2021 18:34

Static task: static1

Behavioral task: behavioral1
Sample: 387713eb2858b620cdf67430b071bc942316f5c29644ce25cca0215d90444c96.dll
Resource: win7v20210408

Behavioral task: behavioral2
Sample: 387713eb2858b620cdf67430b071bc942316f5c29644ce25cca0215d90444c96.dll
Resource: win10v20210408
General

Target: 387713eb2858b620cdf67430b071bc942316f5c29644ce25cca0215d90444c96.dll
Size: 234KB
MD5: 69a9613ec679307c2600d6940211559c
SHA1: ab85b2755f1de47060d970067900706e26ad69e3
SHA256: 387713eb2858b620cdf67430b071bc942316f5c29644ce25cca0215d90444c96
SHA512: 8754d4cee1e75d5c3210449157d98b916318766632eeef85ae30dd76cfe49472bb61e6a8abc0b1a7baa663eaf4a67138204bbf97a2bc0413a0d2a0566f91fcba
Malware Config (extracted)

Family: icedid
Campaign: 3042509645
C2: dsedertyhuiokle.top
Signatures

Processes

Process: C:\Windows\system32\regsvr32.exe
Command line: regsvr32 /s C:\Users\Admin\AppData\Local\Temp\387713eb2858b620cdf67430b071bc942316f5c29644ce25cca0215d90444c96.dll
Suspicious behavior: EnumeratesProcesses

Network
MITRE ATT&CK Matrix

Tactics: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation