Analysis
- max time kernel: 45s
- max time network: 48s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 09/07/2022, 02:29

Static task: static1
Behavioral task: behavioral1
Sample: 2ee7b1f0241d9dbcb623e89db442b14614a21e69384a90f623b3fe4890d9af36.dll
Resource: win7-20220414-en
0 signatures
0 seconds
General
- Target: 2ee7b1f0241d9dbcb623e89db442b14614a21e69384a90f623b3fe4890d9af36.dll
- Size: 534KB
- MD5: 6c86a2b856e38098869ed6f3f3237412
- SHA1: b2d4f60479e79c56e4550acbce4b2d8d8d7dc5f8
- SHA256: 2ee7b1f0241d9dbcb623e89db442b14614a21e69384a90f623b3fe4890d9af36
- SHA512: 593be66b6916039cc98fc7ded99677be5cfe00afaab9d617141982f2330c3c3f9414070ed002325e267e8447299c4a7f8b84041535df9a322f1b51b64b694eeb
Malware Config (Extracted)
- Family: icedid
- Campaign: 227378761
- C2: blionarywesta.com
Signatures
- suricata: ET MALWARE Win32/IcedID Request Cookie
- Blocklisted process makes network request (1 IoCs)
  flow | pid | Process
  2    | 944 | rundll32.exe
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  pid | Process
  944 | rundll32.exe
  944 | rundll32.exe