icedid | 1948-55-0x00000000003C0000-0x00000000003CE000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1948-55-0x...ry.dll

windows7_x64

1

1948-55-0x...ry.dll

windows10-2004_x64

3

Sharing

Static task

static1

loader 3467965077 icedid

Behavioral task

behavioral1

Sample

1948-55-0x00000000003C0000-0x00000000003CE000-memory.dll

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1948-55-0x00000000003C0000-0x00000000003CE000-memory.dll

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

1948-55-0x00000000003C0000-0x00000000003CE000-memory.dmp
Size

56KB
MD5

0b9fbcd8cfc70bb8899725591492aa4c
SHA1

dd2452990270db83ac5b0fec6e7e349b8c857f8b
SHA256

f93a1eefdb11129e1986f517145f1f32571b81aba723ee9eb698cf8064f8a328
SHA512

ad7c6ef6cd1fb8dedc8e0a5d78379e46d2b65debf99c0222e52faf96e0374d582dab0a9d4cb9d741e64aa8a76da928aeb83b4460b21f89141f760ee6ebe98793
SSDEEP

768:8Gd0jdQr3/1G/qqIu/kJlczKMF49t3X2:dd0hQrP1SDH/kczGX2

Score

10^/10

loader 3467965077 icedid

Malware Config

Extracted

Family

icedid

Campaign

3467965077

C2

firenicatrible.com

Signatures

Icedid family
icedid

Files

1948-55-0x00000000003C0000-0x00000000003CE000-memory.dmp
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.c
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy