Analysis
max time kernel: 42s
max time network: 45s
platform: windows7_x64
resource: win7-20220414-en
submitted: 04-07-2022 18:51

Static task: static1
Behavioral task: behavioral1
Sample: 3d484699be6b28b0edd4a3e55647beff.dll
Resource: win7-20220414-en (windows7_x64)
0 signatures, 0 seconds
General
Target: 3d484699be6b28b0edd4a3e55647beff.dll
Size: 424KB
MD5: 3d484699be6b28b0edd4a3e55647beff
SHA1: d6f7ea8695c61d3894b8f382e08974cd79da7d74
SHA256: 7e73e4c5cba972050590b768c5612cbf0bcb3ea963ac6286a23608a067e65fcc
SHA512: ab30b586d4e3609a6afb2567c408f72c057e0adf5f2f963917f079d3c008e69f0cae46362f0711f9195c79a0f0a178ef31aabbc2963ae38b8e5bccaf4094276b
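The General section gives four digests of the submitted DLL. Before handling any copy of this sample (rehosting it, writing rules from it, comparing it to other reports), confirm that the file on disk is the artifact the report describes. The script below is an added example, not part of the sandbox report: it hashes a file once with all four algorithms and returns which digests differ from the report's values. The hash values are copied from the report; the file path is an assumption supplied on the command line.

```python
"""Verify that a local file is the sample described in the report above.

Added example, not part of the sandbox report. REPORT_HASHES are copied
from the report's General section; the file path is an assumption
passed as the first command-line argument.
"""
import hashlib
import sys

# Digests copied from the report's General section.
REPORT_HASHES = {
    "md5": "3d484699be6b28b0edd4a3e55647beff",
    "sha1": "d6f7ea8695c61d3894b8f382e08974cd79da7d74",
    "sha256": "7e73e4c5cba972050590b768c5612cbf0bcb3ea963ac6286a23608a067e65fcc",
    "sha512": "ab30b586d4e3609a6afb2567c408f72c057e0adf5f2f963917f079d3c008e69f"
              "0cae46362f0711f9195c79a0f0a178ef31aabbc2963ae38b8e5bccaf4094276b",
}


def hash_stream(chunks):
    """Feed every chunk to all four hash objects so the input is read once."""
    digests = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in chunks:
        for digest in digests.values():
            digest.update(chunk)
    return {name: digest.hexdigest() for name, digest in digests.items()}


def hash_bytes(data: bytes) -> dict:
    """Digests of an in-memory blob (useful for a sample pulled from a pcap)."""
    return hash_stream([data])


def hash_file(path, chunk_size=1 << 20) -> dict:
    """Digests of a file, read in 1 MiB chunks so large samples do not load whole."""
    with open(path, "rb") as fh:
        return hash_stream(iter(lambda: fh.read(chunk_size), b""))


def mismatches(actual: dict, expected: dict) -> dict:
    """Return {algorithm: (actual, expected)} for each digest that differs.

    Hex case varies between tools and report sites, so compare case-insensitively.
    """
    return {
        name: (actual[name], expected[name])
        for name in expected
        if actual[name].lower() != expected[name].lower()
    }


def verify_sample(path, expected=REPORT_HASHES) -> dict:
    """Empty dict means the file at `path` is the sample the report describes."""
    return mismatches(hash_file(path), expected)


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-file>   (path is an assumption)
    bad = verify_sample(sys.argv[1])
    if not bad:
        print("match: file is the reported sample")
    else:
        for name, (got, want) in bad.items():
            print(f"{name} mismatch: got {got}, report says {want}")
        sys.exit(1)
```

A single mismatching algorithm is enough to treat the file as a different artifact; all four agreeing is what you want before reusing the report's IoCs against your own copy.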
Malware Config
Extracted
Family: icedid
Campaign: 3635541348
C2: piponareatna.com
Signatures
- suricata: ET MALWARE Win32/IcedID Request Cookie
- Blocklisted process makes network request (1 IoC)
  Processes:
  flow  pid   process
  2     1712  rundll32.exe
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  Processes:
  pid   process
  1712  rundll32.exe
  1712  rundll32.exe