Analysis
-
max time kernel
199s -
max time network
207s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
08-05-2022 06:43
General
-
Target
c426b5f9a39e2e9d46c3074fc973e9d01fdfbf4f96870b624606e02233b08050.exe
-
Size
228KB
-
MD5
e5eacbe6e8b732c14a651fe45e9924a4
-
SHA1
85e6e11c0a12a4bc3d7b5ba76791fa9eea4ea1ec
-
SHA256
c426b5f9a39e2e9d46c3074fc973e9d01fdfbf4f96870b624606e02233b08050
-
SHA512
d42fd09d58adec8528ddb1fd6243b55b74983f4ecc463bd02f4cdb6aaa5570d9de331e7c2b078055be92588fe30d17eeced62aafbf50e1b6683e0db663c25760
Score
10/10
Malware Config
Extracted
Family
icedid
Extracted
Family
icedid
Botnet
3940132575
C2
besitxavier.best
nazifestivo.best
Attributes
-
auth_var
2
-
url_path
/audio/
Signatures
-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
IcedID Second Stage Loader 3 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c426b5f9a39e2e9d46c3074fc973e9d01fdfbf4f96870b624606e02233b08050.exe"C:\Users\Admin\AppData\Local\Temp\c426b5f9a39e2e9d46c3074fc973e9d01fdfbf4f96870b624606e02233b08050.exe"1⤵
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
32KB
-
Filesize
24KB
-
Filesize
20KB