Analysis
-
max time kernel
140s -
max time network
145s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
21-04-2022 15:48
General
-
Target
1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b.exe
-
Size
44KB
-
MD5
7fb16c37fd6fa92377a6188c8475f0c0
-
SHA1
c668a4df7a3f40d4128b385d33a28f17f27a6382
-
SHA256
1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b
-
SHA512
382fa394d728c1c5fbcb16ff7b7ca29898e3b71bbeb80ca5d303ed859cdf85ceca667ed974a25dd2ed463ac6c0785180024f93ade95714212efe42c17e345444
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
468039940
Signatures
-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
suricata: ET MALWARE Win32/IcedID Request Cookie
suricata: ET MALWARE Win32/IcedID Request Cookie
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b.exe"C:\Users\Admin\AppData\Local\Temp\1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b.exe"1⤵
- Suspicious behavior: EnumeratesProcesses