Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
25-06-2022 15:32
General
-
Target
600A21358E2CC2D5D50B014C4A4DF03435B136BEC0EE7.exe
-
Size
455KB
-
MD5
15909876d5b6303d1d13a2553a57a789
-
SHA1
6f23da32a732804f3cdc31d44a459dab27ebdfa9
-
SHA256
600a21358e2cc2d5d50b014c4a4df03435b136bec0ee7903eb88d4368fe37647
-
SHA512
37b0aa06453582859b882c598e5c637ce988ee9e91f90941dbcef1cedec1328e313d4a935c6dfa5fd21e568f69119412a25ba6f801508dbf70cefae86d4d81c3
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
117589798
C2
panyinth.top
Signatures
-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
suricata: ET MALWARE Win32/IcedID Request Cookie
suricata: ET MALWARE Win32/IcedID Request Cookie
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\600A21358E2CC2D5D50B014C4A4DF03435B136BEC0EE7.exe"C:\Users\Admin\AppData\Local\Temp\600A21358E2CC2D5D50B014C4A4DF03435B136BEC0EE7.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2476-130-0x000001C8BD540000-0x000001C8BD549000-memory.dmpFilesize
36KB