Overview

overview

10

Static

static

5ecf559360...20.dll

windows7_x64

10

5ecf559360...20.dll

windows10-2004_x64

10

Analysis

  • max time kernel
    91s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-06-2022 22:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ecf559360386a5e031490d714317a0507232812d44011d7ca9b304547abce20.dll

  • Size

    68KB

  • MD5

    65a362753c4f3fd3f6c84cf6746bb2dc

  • SHA1

    fd19fef81843404179c54f475e21cbb3c88e6327

  • SHA256

    5ecf559360386a5e031490d714317a0507232812d44011d7ca9b304547abce20

  • SHA512

    496dbc29f1396391fa194e51c658068ffac3078d72ea2a52d6464793b5dffe0231a62ac284262502ade3fd25cf23341ade2f6ae21c0ab6ca8f19e82f9c0cf616

Score
10/10
icedid2237127122bankercore_loadertrojan

Malware Config

Extracted

Family

icedid

Botnet

2237127122

C2

lokidasterreno.site

onmentalsocio.top

burgomustopr.rest

lopityr4.pw
Attributes
  • auth_var

    2

  • url_path

    /posts/

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5ecf559360386a5e031490d714317a0507232812d44011d7ca9b304547abce20.dll,#1
    1⤵
      PID:1496

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1496-130-0x000001F4F5B30000-0x000001F4F5B67000-memory.dmp
      Filesize

      220KB

      Download