Analysis

  • max time kernel
    12s
  • max time network
    121s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    06-05-2021 17:12

General

  • Target

    70af1f4be8b7b4b4dbad4861dfa75b4b65c4697f1ab5a.dll

  • Size

    234KB

  • MD5

    11d245d1f309022f6f59da477858f404

  • SHA1

    2250ea4e6c6b483f2de744b733549c7da546ff27

  • SHA256

    70af1f4be8b7b4b4dbad4861dfa75b4b65c4697f1ab5a824d273a7f302518a01

  • SHA512

    b0aed9ee6162682b7a33e375f240e5c988fc804237c37c584ff937248d345b21dfa3c6c9f1bcc5832e0fe37ed5abdd54cca77186f6af797dd14b10133782b28d

Malware Config

Extracted

Family

icedid

Campaign

3042509645

C2

dsedertyhuiokle.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses (2 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe (PID: 800)
    Command line: regsvr32 /s C:\Users\Admin\AppData\Local\Temp\70af1f4be8b7b4b4dbad4861dfa75b4b65c4697f1ab5a.dll
    • Suspicious behavior: EnumeratesProcesses

Network

MITRE ATT&CK Matrix

Downloads

  • memory/800-114-0x0000000002930000-0x0000000002976000-memory.dmp
    Filesize

    280KB