Overview

overview

10

Static

static

10

e82bade125...b9.dll

windows7_x64

10

e82bade125...b9.dll

windows10-2004_x64

10

Analysis

  • max time kernel
    4294179s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20220311-en
  • submitted
    28-03-2022 16:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e82bade1258a56f6f6850665759a682ffeeaaf57d62200687ebcb110deea75b9.dll

  • Size

    18KB

  • MD5

    4000c9e3eea3d57f7e12f8ccc615587c

  • SHA1

    555f2dfc9a717f9a68ca78581661f9d067908a4d

  • SHA256

    e82bade1258a56f6f6850665759a682ffeeaaf57d62200687ebcb110deea75b9

  • SHA512

    c2eb52b03799c5ed21fe9aca9e8619e093d4cac75f088cca34a4804d9e21ab94906daeef33829c7a63e93bb40a059a199e3ef63041035b95797c7ad99d575150

Score
10/10
icedid3993579037bankertrojan

Malware Config

Extracted

Family

icedid

Campaign

3993579037

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\e82bade1258a56f6f6850665759a682ffeeaaf57d62200687ebcb110deea75b9.dll
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1572

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1572-54-0x000007FEFC2F1000-0x000007FEFC2F3000-memory.dmp
    Filesize

    8KB

    Download