Overview

overview

10

Static

static

7814752e9e...8e.dll

windows7_x64

10

7814752e9e...8e.dll

windows10_x64

10

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows10_x64
  • resource
    win10-en-20211104
  • submitted
    29-11-2021 22:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7814752e9e8f269e55459068717917804878c38e.dll

  • Size

    344KB

  • MD5

    60c8fbebba16716da4f9aa5f2268f942

  • SHA1

    7814752e9e8f269e55459068717917804878c38e

  • SHA256

    4e464218378946df0688bf7f51169482d1da4323ba76d69f224ed417c4b561f3

  • SHA512

    1fdad86c4dbd9707ac5b7a3dc0b0c7c8e690e66d4da172c920b5b10235122ed42b8616d600fda98f8fd5ad4d53b2628758a2106c328b84acd3a3854bc939ef3d

Score
10/10
icedid2904573523bankersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

2904573523

C2

placingapie.ink

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • suricata: ET MALWARE Win32/IcedID Request Cookie

    suricata: ET MALWARE Win32/IcedID Request Cookie

    suricata
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\7814752e9e8f269e55459068717917804878c38e.dll
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3596-118-0x0000000001DF0000-0x0000000001E53000-memory.dmp
    Filesize

    396KB

    Download