Analysis

  • max time kernel: 125s
  • max time network: 137s
  • platform: windows7_x64
  • resource: win7-20220331-en
  • submitted: 07-04-2022 21:19

General

  • Target: b56fcd3c57caf3ef86db827cf544df3a6ab74a0fd2b42b427629a8c70e6b61bc.dll
  • Size: 18KB
  • MD5: 115062f88d0a84fbccf889ccc61f45c1
  • SHA1: 649698dac3ab83254297d9fbb11307c8da0f405f
  • SHA256: b56fcd3c57caf3ef86db827cf544df3a6ab74a0fd2b42b427629a8c70e6b61bc
  • SHA512: 9c7b7de8f7d8362642366cb7858ae4ba791685cd152a4162ee12fd5335d06967de8f10072fe26b8e07099b461e028c23b00534e4cc797326a447847d52a1c2a3

Malware Config

Extracted

  • Family: icedid
  • Campaign: 2384556843

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses (2 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe
    Command line: regsvr32 /s C:\Users\Admin\AppData\Local\Temp\b56fcd3c57caf3ef86db827cf544df3a6ab74a0fd2b42b427629a8c70e6b61bc.dll
    PID: 2020
    • Suspicious behavior: EnumeratesProcesses

Downloads

  • memory/2020-54-0x000007FEFBF51000-0x000007FEFBF53000-memory.dmp (Filesize: 8KB)