Overview

overview

10

Static

static

b0cd30604c...9d.dll

windows7_x64

10

b0cd30604c...9d.dll

windows10_x64

10

Analysis

  • max time kernel
    136s
  • max time network
    139s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    11-05-2021 10:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b0cd30604c6ef97118e9a8929f4edf2381e5fc25b4e4db1da734767465e2de9d.dll

  • Size

    51KB

  • MD5

    d2ea09be7ccaebce75a29ad3c310912e

  • SHA1

    eef57c1a0cf8614061115389f6a539f2c113122b

  • SHA256

    b0cd30604c6ef97118e9a8929f4edf2381e5fc25b4e4db1da734767465e2de9d

  • SHA512

    52fb7f3dab951f5a4c9ed2481f54ae86c206ac3e327cbcd400101a732b89965caf07d23e8c1a9c9d2691b7b361e2daa646845d1f34dd38c2a3e960cfad8b8264

Score
10/10
icedid2975399169bankertrojan

Malware Config

Extracted

Family

icedid

Campaign

2975399169

C2

dupperawergo.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\b0cd30604c6ef97118e9a8929f4edf2381e5fc25b4e4db1da734767465e2de9d.dll
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/856-114-0x0000000000D70000-0x0000000000DCB000-memory.dmp

    Filesize

    364KB

    Download