Analysis
max time kernel: 147s
max time network: 168s
platform: windows7_x64
resource: win7-20220414-en
submitted: 17-04-2022 09:07
Static task: static1
Behavioral task: behavioral1
Sample: 4f39a6eb76ad32e6265638b299df3f001292f14208d4b7dadc583577bfdd73ce.exe
Resource: win7-20220414-en, windows7_x64
0 signatures
0 seconds
General
Target: 4f39a6eb76ad32e6265638b299df3f001292f14208d4b7dadc583577bfdd73ce.exe
Size: 278KB
MD5: f256b883245baeb7fe91cfa0563a0d57
SHA1: e0b7d74982a2657303241d0b5497cc82bb6c1b77
SHA256: 4f39a6eb76ad32e6265638b299df3f001292f14208d4b7dadc583577bfdd73ce
SHA512: bad2b3304cfa0be810abbb4d0e82da377e50a8f7f58d3ec997a9d2b6b703400e9d03fff3d78eabbbbe3118b2f9f6f931f8db8651bfd2ca4feb39ed21cc69bb78
Malware Config
Extracted
Family: icedid
C2:
supportayzer.shop
bookoffathes.pw
Signatures
IcedID Second Stage Loader (2 IoCs)
Processes:
resource    yara_rule
behavioral1/memory/552-55-0x0000000000730000-0x0000000000736000-memory.dmp    IcedidSecondLoader
behavioral1/memory/552-56-0x0000000000730000-0x000000000087A000-memory.dmp    IcedidSecondLoader