Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-en-20211104
  • submitted
    27-11-2021 14:31

General

  • Target
    14d95ca0c65a501530d76e66ac2d0afa0711e352476bd58e0204534af400fe08.dll
  • Size
    158KB
  • MD5
    5cb0eef07236f9c8e1a283cad056d234
  • SHA1
    c5a03189baae18cc31b41c4c6aa77b60cc34f423
  • SHA256
    14d95ca0c65a501530d76e66ac2d0afa0711e352476bd58e0204534af400fe08
  • SHA512
    52cb1ba1f77fc1eb6ac8e2c49fed7a415d01839b9ab7297c7cc5d640cd9d7b9f8fc59993627373c16eb0178d225859a0fac22c2083929ca4ee59fa4b0dbf3f39

Malware Config

Extracted

  • Family
    icedid
  • Botnet
    81538452
  • C2
    garrozalibbo.click
    disponfirules.top
    mislinororv.top
    twistcolseza.top
  • Attributes
    auth_var
    8
    url_path
    /news/

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\14d95ca0c65a501530d76e66ac2d0afa0711e352476bd58e0204534af400fe08.dll
      PID:520

    Downloads

    • memory/520-55-0x000007FEFB7E1000-0x000007FEFB7E3000-memory.dmp
      Filesize
      8KB
    • memory/520-56-0x0000000000140000-0x0000000000145000-memory.dmp
      Filesize
      20KB