Analysis
max time kernel: 120s
max time network: 120s
platform: windows7_x64
resource: win7-en-20211014
submitted: 02-12-2021 15:46
Static task: static1
Behavioral task: behavioral1
Sample: d44aaa3976c4c449759289b74d71501b.dll
Resource: win7-en-20211014 (windows7_x64)
0 signatures, 0 seconds
Behavioral task: behavioral2
Sample: d44aaa3976c4c449759289b74d71501b.dll
Resource: win10-en-20211104 (windows10_x64)
0 signatures, 0 seconds
General
Target: d44aaa3976c4c449759289b74d71501b.dll
Size: 191KB
MD5: d44aaa3976c4c449759289b74d71501b
SHA1: 8c247f093b4955b1827bda3159371f2d609e1bb0
SHA256: 9fcbbed0d0dec40e198e75f4f6fbc05b1f369d3a12bd40897b559a898d2193b3
SHA512: c5dbdebd99b2746a6de76c21ef9e47e4ef6930080e53da7a98fff9772fb68efef2e0ed1f5dbbd2f4ab036ffc86df716e25bcc3eee1d389468956238e47c64f6e
Score: 10/10
Malware Config (Extracted)
Family: icedid
Campaign: 3494996616
C2: zanokiryq.com
Signatures
suricata: ET MALWARE Win32/IcedID Request Cookie
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: regsvr32.exe (pid 1344), regsvr32.exe (pid 1344)