Overview

overview

10

Static

static

4d2353284c...e9.dll

windows7_x64

10

4d2353284c...e9.dll

windows10-2004_x64

10

Analysis

  • max time kernel
    131s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220113
  • submitted
    24-03-2022 23:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4d2353284cdfb3e98edc6d424ea143f7746f84ead6ba6f4e6c50f011107117e9.dll

  • Size

    258KB

  • MD5

    f2ae4113a1de1653eb321ab09dcd791d

  • SHA1

    a09d3c9f5bb762b1c890c570caaf02140b4a824d

  • SHA256

    4d2353284cdfb3e98edc6d424ea143f7746f84ead6ba6f4e6c50f011107117e9

  • SHA512

    0ac2292e10fa34c2b2e273b1fee89a42dafcb45325db5849ab28fbeaa4cdd56c611418638c134da83e3e35a8a49f734c4d6212b54b95ef6097dec4cf32aca66f

Score
10/10
icedid3840329038bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

3840329038

C2

hdtrenity.com

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\4d2353284cdfb3e98edc6d424ea143f7746f84ead6ba6f4e6c50f011107117e9.dll
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2732-130-0x0000000001230000-0x0000000001239000-memory.dmp
    Filesize

    36KB

    Download