Analysis
max time kernel: 131s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 14-06-2022 19:32
Static task
static1
Behavioral task
behavioral1
Sample
114e8047febef0d5c677c54b86c69335.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 114e8047febef0d5c677c54b86c69335.dll
Size: 601KB
MD5: 114e8047febef0d5c677c54b86c69335
SHA1: 40183e208d011482d26a28e55b85594826ba7374
SHA256: afb8d6a8633c4b66cca83a61f197c0a11c96db71601f7c0dbcd99939da5fb1bb
SHA512: b7570df26fc63da575a00987123f78eaee5999c50e6fc9b5c1891a753c96ac7237d54945f4577797dee8a4821dbf21d447a5756cd1839e2aa5fc1cb2bad60701
Malware Config
Extracted
Family: icedid
Campaign: 3139257902
C2: blandafearz.com
Signatures
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request (1 IoCs)
Processes: rundll32.exe
flow 7, pid 4372, process rundll32.exe
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: rundll32.exe
pid 4372, process rundll32.exe
pid 4372, process rundll32.exe
Downloads
memory/4372-130-0x0000000180000000-0x0000000180009000-memory.dmp
Filesize: 36KB