Analysis
max time kernel: 129s
max time network: 139s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 26-06-2022 05:15
Static task: static1
Behavioral task: behavioral1
Sample: 1.dll
Resource: win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 1.dll
Size: 718KB
MD5: 5a0e570b13623c79c9261a8a2cc41f04
SHA1: 10f6f208907d25f5ec39060a8576ed8387d42c0e
SHA256: 3dfe63d2c9a7e2f848d2f92171cc577158318b4e9cb62e74ec603be84ba13109
SHA512: bbe98f12bbcc0820b98c329df11b20ee69cf49300c31948462978b5d9b398f62374bd2075247c87c3f916ceae89ba1e7a8bd0b76b1e3747345f12f5cb25e2c70
Malware Config
Extracted
Family: icedid
Campaign: 109932505
C2: ilekvoyn.com
Signatures
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: regsvr32.exe
pid   process
2176  regsvr32.exe
2176  regsvr32.exe
Suspicious use of FindShellTrayWindow (1 IoCs)
Processes: regsvr32.exe
pid   process
2176  regsvr32.exe