Analysis

  • max time kernel
    162s
  • max time network
    171s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    27-04-2022 19:15

General

  • Target

    4cadcd74980239a16474d3b4d30eaa8c89e49c1f6e1ab3314ea1465720c4bbd5.dll

  • Size

    34KB

  • MD5

    646247f32385dd66dbe30e59b0bc957b

  • SHA1

    55507ea39a2d354f9974f9580956d17161e4a87d

  • SHA256

    4cadcd74980239a16474d3b4d30eaa8c89e49c1f6e1ab3314ea1465720c4bbd5

  • SHA512

    68333247ac448b5d7092a61c9d8c5f441be71fe96e1ca2fa3fd5f7849b3f9a4199e8c63080439bb41869f8432d3cf8908fe4deef84fb9d15237f01930ee2708b

Malware Config

Extracted

  • Family
    icedid
  • Botnet
    3671205527
  • C2
    blackferrow.com
    orangegrande.com
  • Attributes
    auth_var: 1
    url_path: /news/

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\4cadcd74980239a16474d3b4d30eaa8c89e49c1f6e1ab3314ea1465720c4bbd5.dll,#1
    PID: 2472

Downloads

  • memory/2472-130-0x0000016D3B490000-0x0000016D3B4C7000-memory.dmp
    Filesize
    220KB