Overview

overview

10

Static

static

23cfb512_b...is.dll

windows7_x64

10

23cfb512_b...is.dll

windows10_x64

10

Analysis

  • max time kernel
    41s
  • max time network
    110s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    07-05-2021 11:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23cfb512_by_Libranalysis.dll

  • Size

    43KB

  • MD5

    23cfb512bede6142ee7c066921b6159f

  • SHA1

    c901cea8d0b8d5345ae8cb2131386562c16510fc

  • SHA256

    03b8d99fe98be2823443595a513b05bd024fb18da5163461eb649e10f94813af

  • SHA512

    ba8d04ac66927bdc3d86bc11def14a8744cc51b62e56be9725314d1e5e0a7af18d9404d5b1c17a7e8784c47f78a99613e3e11ff2ed2e050127596be4d711d60b

Score
10/10
icedid1436894865bankertrojan

Malware Config

Extracted

Family

icedid

Campaign

1436894865

C2

zasertiokil.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\23cfb512_by_Libranalysis.dll
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/808-114-0x0000000002620000-0x000000000266D000-memory.dmp
    Filesize

    308KB

    Download