Overview

overview

10

Static

static

core.bat

windows7_x64

10

core.bat

windows10-2004_x64

10

syrupx64.dll

windows7_x64

10

syrupx64.dll

windows10-2004_x64

10

Resubmissions

22-02-2022 16:12

220222-tnm8vaahc9 10

05-01-2022 09:29

220105-lf8ktaaeaq 10

Analysis

  • max time kernel
    94s
  • max time network
    163s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220112
  • submitted
    22-02-2022 16:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    syrupx64.dll

  • Size

    31KB

  • MD5

    051c37b2a61be7d6423f6bb0e903de24

  • SHA1

    7ad50ed7e25b7a00416fd988e4785095a37cb534

  • SHA256

    65f7d007aec8c9a9e7dec1e1a4325762a57d701209bdc42f219dbf93803ef238

  • SHA512

    4c16feca4e3e2a6281b12902fd2e7c1d975fd9a666598e1e6dc65fae813f364e7f58543301cef3ab3961d3a43c369bce50903ce6e48a74acb211f1e70c164ab3

Score
10/10
icedid4221486031bankertrojan

Malware Config

Extracted

Family

icedid

Botnet

4221486031

C2

xijsry.com

zanokiryq.com

gladmitter.com
Attributes
  • auth_var

    3

  • url_path

    /news/

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\syrupx64.dll,#1
    1⤵
      PID:4076

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4076-130-0x000001F4518A0000-0x000001F4518D7000-memory.dmp

      Filesize

      220KB

      Download