Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    15-04-2022 13:18

General

  • Target

    bacfc545ab61b454df4a7d8a91cc78cb38daf9068fd5302424d64eea8d4649a6.exe

  • Size

    693KB

  • MD5

    9e91995f53d5a434f619acedea7bd831

  • SHA1

    a39663b44a684c10b865d72d2fef1e401d78b641

  • SHA256

    bacfc545ab61b454df4a7d8a91cc78cb38daf9068fd5302424d64eea8d4649a6

  • SHA512

    18fa7843c422e4ec0da14d73890d0e2ea4ae5d50f371c9e24dab02dabfd6786e6fd7e5b34687508a2d91f617be0f562da937162c7a9238c8b965c4308c42e346

Malware Config

Signatures

  • IcedID, BokBot

    IcedID, also tracked as BokBot, is a banking trojan that steals credentials and is commonly used as a first-stage loader for follow-on payloads.

  • IcedID First Stage Loader (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\bacfc545ab61b454df4a7d8a91cc78cb38daf9068fd5302424d64eea8d4649a6.exe

    Command line: "C:\Users\Admin\AppData\Local\Temp\bacfc545ab61b454df4a7d8a91cc78cb38daf9068fd5302424d64eea8d4649a6.exe"

    PID: 960

Downloads

  • memory/960-54-0x0000000000870000-0x0000000000922000-memory.dmp

    Filesize

    712KB

  • memory/960-55-0x0000000000020000-0x000000000002D000-memory.dmp

    Filesize

    52KB
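Two things in this report are worth checking mechanically before relying on it: that a sample on hand really is the file in the General section (all four digests must match), and that the memory-dump listings are internally consistent (the address range encoded in each dump name should account for exactly the listed size and be page aligned). The script below is an added example, not part of the sandbox's output or tooling; it embeds the hashes and the two dump entries from this page as constructed input, and the dump-name layout `memory/<pid>-<index>-<start>-<end>-memory.dmp` is assumed from those two names only.

```python
import hashlib
import re

# Digests as listed in the General section of this report.
REPORT_HASHES = {
    "md5": "9e91995f53d5a434f619acedea7bd831",
    "sha1": "a39663b44a684c10b865d72d2fef1e401d78b641",
    "sha256": "bacfc545ab61b454df4a7d8a91cc78cb38daf9068fd5302424d64eea8d4649a6",
    "sha512": "18fa7843c422e4ec0da14d73890d0e2ea4ae5d50f371c9e24dab02dabfd6786e"
              "6fd7e5b34687508a2d91f617be0f562da937162c7a9238c8b965c4308c42e346",
}

# Constructed input: the two memory-dump entries from the Downloads section,
# paired with the file size the report lists for each.
DUMP_ENTRIES = [
    ("memory/960-54-0x0000000000870000-0x0000000000922000-memory.dmp", "712KB"),
    ("memory/960-55-0x0000000000020000-0x000000000002D000-memory.dmp", "52KB"),
]

# Assumed layout of dump names: memory/<pid>-<index>-<start>-<end>-memory.dmp
# (inferred from the two names above; other sandboxes use other layouts).
DUMP_RE = re.compile(
    r"memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)"
    r"-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}


def file_hashes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of data, keyed like REPORT_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Compare every digest of data against the report. Any single mismatch
    means the file on hand is not the sample this report describes."""
    actual = file_hashes(data)
    return {name: actual[name] == expected[name].lower() for name in expected}


def parse_size(text: str) -> int:
    """Convert a report size such as '712KB' to bytes (1024-based units)."""
    m = re.fullmatch(r"\s*(\d+)\s*(B|KB|MB)\s*", text)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(m.group(1)) * UNITS[m.group(2)]


def parse_dump_name(name: str) -> dict:
    """Pull pid, index and the address range out of a dump file name."""
    m = DUMP_RE.search(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"empty or inverted range in {name!r}")
    return {"pid": int(m["pid"]), "index": int(m["idx"]),
            "start": start, "end": end, "size": end - start}


def check_dumps(entries) -> list:
    """For each (name, listed size) pair, derive the region size from the
    address range and check it against the listed size and page alignment."""
    out = []
    for name, listed in entries:
        info = parse_dump_name(name)
        info["listed_size"] = parse_size(listed)
        info["size_matches"] = info["size"] == info["listed_size"]
        # Windows commits memory in 4 KiB pages, so a dumped region should
        # start on a page boundary and span a whole number of pages.
        info["page_aligned"] = (info["start"] % 0x1000 == 0
                                and info["size"] % 0x1000 == 0)
        out.append(info)
    return out


if __name__ == "__main__":
    for r in check_dumps(DUMP_ENTRIES):
        print(f"pid {r['pid']} region {r['start']:#x}-{r['end']:#x}: "
              f"{r['size']} bytes, listed {r['listed_size']}, "
              f"match={r['size_matches']}, page_aligned={r['page_aligned']}")
```

Both entries check out: 0x922000 - 0x870000 is 0xB2000 (712 KiB) and 0x2D000 - 0x20000 is 0xD000 (52 KiB), both page aligned. The 712KB region is larger than the 693KB file on disk, which is what a PE image looks like once mapped with section alignment padding, but the report does not say which region holds the mapped image, so treat that reading as an inference rather than something the page states.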