Analysis
max time kernel: 148s
max time network: 151s
platform: windows7_x64
resource: win7-en-20211208
submitted: 26-02-2022 06:54
Static task: static1
Behavioral task: behavioral1
Sample: b742590b8b2d11205f4993f167f602b7f47b8ac07d5661bfd2ac336c9e7d750d.exe
Resource: win7-en-20211208 windows7_x64
0 signatures
0 seconds
General
Target: b742590b8b2d11205f4993f167f602b7f47b8ac07d5661bfd2ac336c9e7d750d.exe
Size: 220KB
MD5: 6db580482092ffb0e0a009c1ad202649
SHA1: 3f037c00c291bd9ee181baafee0a5f2e182d466d
SHA256: b742590b8b2d11205f4993f167f602b7f47b8ac07d5661bfd2ac336c9e7d750d
SHA512: e811b3d223915f88cd4de62e595aeaa44582b0fa03aa48ee488213db7b23d15a683a02d020048f3d112267e8c96d85684ca60063f0cef4f2cc494359e2e58941
Malware Config
Signatures
IcedID First Stage Loader (2 IoCs)
Processes:
resource  yara_rule
behavioral1/memory/1180-56-0x0000000000280000-0x0000000000286000-memory.dmp  IcedidFirstLoader
behavioral1/memory/1180-59-0x0000000000270000-0x0000000000273000-memory.dmp  IcedidFirstLoader

Suspicious use of SetWindowsHookEx (2 IoCs)
Processes:
b742590b8b2d11205f4993f167f602b7f47b8ac07d5661bfd2ac336c9e7d750d.exe
pid  process
1180  b742590b8b2d11205f4993f167f602b7f47b8ac07d5661bfd2ac336c9e7d750d.exe
1180  b742590b8b2d11205f4993f167f602b7f47b8ac07d5661bfd2ac336c9e7d750d.exe