Overview

overview

10

Static

static

00271fb58b...8f.dll

windows7_x64

10

00271fb58b...8f.dll

windows10-2004_x64

10

Analysis

  • max time kernel
    90s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    25-05-2022 22:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00271fb58b517a5240bb661b9d1222b3ff26582666a6e7c57d132d15d6b47f8f.dll

  • Size

    948KB

  • MD5

    5bb2764db122ce725b6556e3aaad9504

  • SHA1

    1254601f5eb7f42da1a129d08dd46c5e3b94d6b8

  • SHA256

    00271fb58b517a5240bb661b9d1222b3ff26582666a6e7c57d132d15d6b47f8f

  • SHA512

    715d567aff20b610c14d6ac5d9c319587371654da40f30f8c1982c1803f7b97efea19e407e6ed1d169e4e72f8ad41021ea068f1ceec630fed8a0e24d6388d6ae

Score
10/10
icedid1129175425bankercore_loadertrojan

Malware Config

Extracted

Family

icedid

Botnet

1129175425

C2

intonthsnstr.rest

estoptionicou.top

ypothesisabo.top

flipperzillo.quest
Attributes
  • auth_var

    9

  • url_path

    /news/

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\00271fb58b517a5240bb661b9d1222b3ff26582666a6e7c57d132d15d6b47f8f.dll,#1
    1⤵
      PID:3948

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3948-130-0x0000000180000000-0x0000000180005000-memory.dmp

      Filesize

      20KB

      Download