Analysis

  • max time kernel: 12s
  • max time network: 110s
  • platform: windows10_x64
  • resource: win10v20210410
  • submitted: 07-05-2021 12:01

General

  • Target: 352fbf0bc54cdd36e9241b632267002e0cb9568505e9e.dll
  • Size: 238KB
  • MD5: e6cd3ba39aeb24752ed6370ce08d1411
  • SHA1: 7d97f7362f8927b7dccdea6dc6b116deb2692ce5
  • SHA256: 352fbf0bc54cdd36e9241b632267002e0cb9568505e9ec31e8aeb0af7b5d7fb4
  • SHA512: 1b1e6be8f1ddecd1c9b5cc5805a4c96fd64d2ed96c640512e80d588b054a2b3b8eb5755b93fe094a7339211bc70900b119ddcec0fd3aa8adceadeff25f44ab31

Malware Config

Extracted

  • Family: icedid
  • Campaign: 3042509645
  • C2: barcafokliresd.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses (2 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe
    Command line: regsvr32 /s C:\Users\Admin\AppData\Local\Temp\352fbf0bc54cdd36e9241b632267002e0cb9568505e9e.dll
    PID: 2208
    • Suspicious behavior: EnumeratesProcesses

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2208-114-0x0000000002340000-0x0000000002386000-memory.dmp
    Filesize: 280KB