Analysis

  • max time kernel
    158s
  • max time network
    169s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220310-en
  • submitted
    25-03-2022 02:47

General

  • Target

    cf712dade46c14b21f25065fa3026a10b4d66cf78a3c8fe8d727c981b0baf6b5.dll

  • Size

    274KB

  • MD5

    52ce75ff19e1555875c7802186891885

  • SHA1

    8ebbef0adfbcefd72e72567f214f911f1689c806

  • SHA256

    cf712dade46c14b21f25065fa3026a10b4d66cf78a3c8fe8d727c981b0baf6b5

  • SHA512

    9b3aebc120d0d64f9bf346751f238ea0928e0a2a000fb63a3e350d07986a06d2917bd8dc23360475a3308e84b687850dec5ab374d6f28518865e5459859ab6b9

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    3840329038

  • C2

    hdtrenity.com

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses (2 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\cf712dade46c14b21f25065fa3026a10b4d66cf78a3c8fe8d727c981b0baf6b5.dll
    • Suspicious behavior: EnumeratesProcesses
    PID: 2996

Network

MITRE ATT&CK Matrix


Downloads

  • memory/2996-134-0x00000000010D0000-0x00000000010D9000-memory.dmp

    Filesize: 36KB