Analysis
max time kernel: 146s
max time network: 145s
platform: windows7_x64
resource: win7v20210410
submitted: 11-05-2021 11:24
Static task
static1
Behavioral task
behavioral1
Sample: fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe
Resource: win7v20210410 (windows7_x64)
General
Target: fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe
Size: 168KB
MD5: a4eb246e65737a9d483625a6acab03c7
SHA1: 5054783070a6cbe6d8b6414be1e89ecf8b1c4318
SHA256: fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2
SHA512: 9791671ed46aac7926277110b179c0e8616380ef40542e2fd82061c454d858cc2f4d873809e8b7c8047fe1a033c0001e18823eaf4d7b7de8fa5607b3960885e9
Malware Config
Signatures
IcedID First Stage Loader (2 IoCs)
resource  yara_rule
behavioral1/memory/1888-61-0x0000000000260000-0x0000000000266000-memory.dmp  IcedidFirstLoader
behavioral1/memory/1888-64-0x0000000000250000-0x0000000000253000-memory.dmp  IcedidFirstLoader
Suspicious use of SetWindowsHookEx (2 IoCs)
Processes: fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe
pid  process
1888  fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe
1888  fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe