Overview

overview

10

Static

static

15301c74c2...a7.exe

windows7_x64

1

15301c74c2...a7.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    24-05-2022 14:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7.exe

  • Size

    708KB

  • MD5

    d50ed520e13ae1bcc86e2c8be3fbbf1d

  • SHA1

    52e38ade4e9bfedb7a4e9ab36a175c7e6f5f9b50

  • SHA256

    15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7

  • SHA512

    80951bceabd01fd28c465fffab15435363ce436e510e2b00411a15a39219f4177d45e8b70fad6a0bb45366473a0722a2f3d40bd8cefb4d1722f5e8f87ad3b061

Score
10/10
icedid513366864bankerloadertrojan

Malware Config

Extracted

Family

icedid

Botnet

513366864

C2

magnwnce.com

corposted.com

presifered.com

coujtried.com

molinaro.top

amongolia.com

jjanuatu.com
Attributes
  • auth_var

    11

  • url_path

    /index.php

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • IcedID Second Stage Loader 1 IoCs
    loader
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7.exe
    "C:\Users\Admin\AppData\Local\Temp\15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:5104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5104-134-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-146-0x00000000022F0000-0x00000000022F5000-memory.dmp
    Filesize

    20KB

    Download
  • memory/5104-145-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-150-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-144-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-143-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-142-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-141-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-140-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-139-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-138-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-137-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-136-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-135-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download
  • memory/5104-133-0x00000000022D0000-0x00000000022D3000-memory.dmp
    Filesize

    12KB

    Download