Overview

overview

10

Static

static

dd6d136055...38.dll

windows7_x64

10

dd6d136055...38.dll

windows10_x64

10

Analysis

  • max time kernel
    139s
  • max time network
    142s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    07-05-2021 16:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dd6d136055296abfc6f94c8ae1d039042c603fb1d0938.dll

  • Size

    234KB

  • MD5

    fecf84576b7b6cdc64e5cf839db18c3b

  • SHA1

    32fffb167d3e20a15731cb137dde2fa2fbc1bdf2

  • SHA256

    dd6d136055296abfc6f94c8ae1d039042c603fb1d0938a75d446c86d1f4636d4

  • SHA512

    0c7cdf1e70c085306c89d4e577f3492a427082ce73bede460fb80759d3a3b976ea7f666c19f7871b4283788132bd671135933ce7e561da7eb4eec5e50941da3b

Score
10/10
icedid3042509645bankertrojan

Malware Config

Extracted

Family

icedid

Campaign

3042509645

C2

dsedertyhuiokle.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\dd6d136055296abfc6f94c8ae1d039042c603fb1d0938.dll
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:804

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/804-114-0x0000000001400000-0x0000000001446000-memory.dmp
    Filesize

    280KB

    Download