Analysis
Max time kernel: 122s
Max time network: 128s
Platform: windows10_x64
Resource: win10-en-20211208
Submitted: 15-12-2021 11:23
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.Win64.Kryptik.CTU.29173.10935.dll
  Resource: win7-en-20211208 (windows7_x64)
  0 signatures, 0 seconds
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.Win64.Kryptik.CTU.29173.10935.dll
  Resource: win10-en-20211208 (windows10_x64)
  0 signatures, 0 seconds
General
Target: SecuriteInfo.com.Win64.Kryptik.CTU.29173.10935.dll
Size: 502KB
MD5: d59fa2838f83e31ef0d2bd34bd86ef40
SHA1: d9115b1a962256b6accabfee45c5654f3ee64a47
SHA256: 32de1e4b5582279bf16bfcad4c55b5e0f1151afddb2a96013442b3158f4a02d8
SHA512: 92a9888556706f4f3bf33e6cdfeddca958780438c73a6749e18b4a59b866b96e67c1736cf557ed470ae095c3385bb0818c4199bc00d2c088a5179029c587a93f
Score: 10/10
Malware Config (extracted)
Family: icedid
Campaign: 3372020928
C2: jeliskvosh.com
Signatures
- suricata: ET MALWARE Win32/IcedID Request Cookie
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  Processes (pid, process): 3664 regsvr32.exe; 3664 regsvr32.exe
Downloads
memory/3664-118-0x00000000008B0000-0x00000000008BA000-memory.dmp (filesize 40KB)