Analysis
max time kernel: 148s
max time network: 149s
platform: windows10_x64
resource: win10v20210408
submitted: 11-05-2021 11:24
Static task: static1
Behavioral task: behavioral1
Sample: fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe
Resource: win7v20210410, windows7_x64
0 signatures, 0 seconds
General
Target: fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe
Size: 168KB
MD5: a4eb246e65737a9d483625a6acab03c7
SHA1: 5054783070a6cbe6d8b6414be1e89ecf8b1c4318
SHA256: fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2
SHA512: 9791671ed46aac7926277110b179c0e8616380ef40542e2fd82061c454d858cc2f4d873809e8b7c8047fe1a033c0001e18823eaf4d7b7de8fa5607b3960885e9
Malware Config
Signatures
IcedID First Stage Loader (2 IoCs)
Processes:
resource, yara_rule
behavioral2/memory/856-114-0x0000000002210000-0x0000000002216000-memory.dmp, IcedidFirstLoader
behavioral2/memory/856-117-0x00000000021F0000-0x00000000021F3000-memory.dmp, IcedidFirstLoader
Suspicious use of SetWindowsHookEx (2 IoCs)
Processes: fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe
pid, process
856, fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe
856, fdd5fefb17fa360b3627b7d4bc3538cd9a35a6987ad8e6f0b0ddfff27bb56da2.exe