icedid | 1596-54-0x0000000180000000-0x0000000180005000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1596-54-0x...ry.dll

windows7_x64

1

1596-54-0x...ry.dll

windows10-2004_x64

3

Sharing

Static task

static1

core_loader 3415411565 icedid

Behavioral task

behavioral1

Sample

1596-54-0x0000000180000000-0x0000000180005000-memory.dll

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1596-54-0x0000000180000000-0x0000000180005000-memory.dll

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

1596-54-0x0000000180000000-0x0000000180005000-memory.dmp
Size

20KB
MD5

50522c9eb6c04ea0a35c1f189c290b79
SHA1

cedcf7f4b5a702b5149a4f111fa8df636053ea51
SHA256

580a046ac391411ecae6e22a776fa4a1c596598964d21ee7153d64b110d8285d
SHA512

8c7274dc790dbb03f0b442c874b2b995367b238bb77ac4b9350ba5e4d8c624a3f84600ebc29b62d4f1b2779dfaec853a968e5c23131cfdb8d864264055d23a06
SSDEEP

96:C+npSvbQMtOvL7fzO0WtB/SaperBsp0Q8DI6QpfwZxn5:C+npObQQOv3zKfu280nR6B5

Score

10^/10

core_loader 3415411565 icedid

Malware Config

Extracted

Family

icedid

Botnet

3415411565

C2

antnosience.com

seaskysafe.com

otectagain.top

dilimoretast.com

Attributes

auth_var
17
url_path
/news/

Signatures

Icedid family
icedid

Files

1596-54-0x0000000180000000-0x0000000180005000-memory.dmp
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy