Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-en-20211104 -
submitted
30-11-2021 06:28
General
-
Target
4786bab974f899355634be167aa2c689923ab38b00cdd.dll
-
Size
134KB
-
MD5
6424dcd52f8329de1d4ae5f9329e78a2
-
SHA1
91cc57703a1d8d0b9c9c3aa80d06d186a53230a7
-
SHA256
4786bab974f899355634be167aa2c689923ab38b00cdd71f678b988c09cd6414
-
SHA512
a5970c835090ede89b3d150cb50d2c7ec239f6434e9e0a53d31fe5e63236f108d24be60a197a496f4656c0564608f9d1c5c1a98231e9541480765f1dc115dfc8
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
3858400908
C2
mchinamoz.com
Signatures
-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes
-
C:\Windows\system32\regsvr32.exeregsvr32 /s C:\Users\Admin\AppData\Local\Temp\4786bab974f899355634be167aa2c689923ab38b00cdd.dll1⤵
- Suspicious behavior: EnumeratesProcesses
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/792-55-0x000007FEFBF21000-0x000007FEFBF23000-memory.dmpFilesize
8KB
-
memory/792-56-0x00000000001D0000-0x0000000000233000-memory.dmpFilesize
396KB