Analysis

  • max time kernel
    4s
  • max time network
    9s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    06-05-2021 18:34

General

  • Target

    ff718494115c1feae5a567c5de525deded706b349eff53da6120824ac6f8d04d.dll

  • Size

    238KB

  • MD5

    5ac36824dcffee75bc9139a9437a5250

  • SHA1

    06a766493618b5c145059419b7ad10344cc9f245

  • SHA256

    ff718494115c1feae5a567c5de525deded706b349eff53da6120824ac6f8d04d

  • SHA512

    d57ed48701b66944e5ed382d8c697ba4b5e4826cfbda5daa745b972238d29cc9326fbdb60089b04d09511332b3acb32f43427dcb5b0a1195747d694eff65a079

Malware Config

Extracted

Family

icedid

Campaign

3042509645

C2

barcafokliresd.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\ff718494115c1feae5a567c5de525deded706b349eff53da6120824ac6f8d04d.dll
    • Suspicious behavior: EnumeratesProcesses
    PID:772

Network

MITRE ATT&CK Matrix

Downloads

  • memory/772-60-0x000007FEFC181000-0x000007FEFC183000-memory.dmp
    Filesize

    8KB

  • memory/772-61-0x00000000001B0000-0x00000000001F6000-memory.dmp
    Filesize

    280KB