Overview

overview

10

Static

static

core.bat

windows7_x64

10

core.bat

windows10_x64

10

donate-x32.dat.dll

windows7_x64

10

donate-x32.dat.dll

windows10_x64

10

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows10_x64
  • resource
    win10-en-20211104
  • submitted
    24-11-2021 22:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    donate-x32.dat.dll

  • Size

    67KB

  • MD5

    06c6f61d2c16cb465767692e5e7b332d

  • SHA1

    713bacf4f6689471c5a41662120264c73a79446c

  • SHA256

    83f97f8f87237deba89ef2b16218f28f22cf36f2674d2d4f2f2af4faffe4c8df

  • SHA512

    7044ae7f8393c95529225f734d61c112aa1a0a1ab0d1d491478a2a1ea44fa24b13b120578f9da41ea4040f476b7207340196273b84679f2df71411e5351d9c97

Score
10/10
icedid1217670233bankertrojan

Malware Config

Extracted

Family

icedid

Botnet

1217670233

C2

lakogrefop.rest

hangetilin.top

follytresh.co

roadswendy.top
Attributes
  • auth_var

    17

  • url_path

    /posts/

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\donate-x32.dat.dll,#1
    1⤵
      PID:2716

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2716-118-0x0000025F18570000-0x0000025F185A7000-memory.dmp

      Filesize

      220KB

      Download