Analysis
max time kernel: 149s
max time network: 153s
platform: windows7_x64
resource: win7-20220414-en
submitted: 15-04-2022 13:27
Static task
static1
Behavioral task
behavioral1
Sample
9887b7831c3ce6c97317e392aba71bfefef54d8c5860d84bc584ad4661f2f757.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 9887b7831c3ce6c97317e392aba71bfefef54d8c5860d84bc584ad4661f2f757.exe
Size: 396KB
MD5: 525871dae984d1b056647e4f5cfc11fe
SHA1: d209ba0ead3450c566a02f8f72b5777ac97540a9
SHA256: 9887b7831c3ce6c97317e392aba71bfefef54d8c5860d84bc584ad4661f2f757
SHA512: c4a5b6c5d073e27450553b58b95b97f23b943bc2beefc8a0d9ff9ffdb8fe1eacaeb57cc3e7b605b78e482f4b224779fde5f291c0ec12c274c229499648e3f391
Malware Config
Extracted
Family: icedid
C2: loadfreeman.casa
Signatures
IcedID First Stage Loader (2 IoCs)
Processes:
resource    yara_rule
behavioral1/memory/1960-55-0x0000000000250000-0x0000000000256000-memory.dmp    IcedidFirstLoader
behavioral1/memory/1960-58-0x00000000001C0000-0x00000000001C3000-memory.dmp    IcedidFirstLoader
Suspicious use of SetWindowsHookEx (1 IoCs)
Processes:
9887b7831c3ce6c97317e392aba71bfefef54d8c5860d84bc584ad4661f2f757.exe
pid    process
1960    9887b7831c3ce6c97317e392aba71bfefef54d8c5860d84bc584ad4661f2f757.exe