Analysis
- max time kernel: 91s
- max time network: 154s
- platform: windows10-2004_x64
- resource: win10v2004-20220414-en
- submitted: 11-07-2022 18:30
Static task
static1
Behavioral task
behavioral1
Sample
601d0899645126a73bfa3b2409247b89.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
- Target: 601d0899645126a73bfa3b2409247b89.dll
- Size: 813KB
- MD5: 601d0899645126a73bfa3b2409247b89
- SHA1: ae957d62002d89b3d3296d3f8da4a91a424a50de
- SHA256: 1315db635b39175a045d3eff6c7f903a35b83202950069c8585eb56b2c50abda
- SHA512: 806c9c1ed2449d4abb414c218ffb3c108e2f44df183925efaccc8e333505ad67440398215dd32c43f6ef949c754f8e03a9fca27663306aedb2ff417545c9bfc5
Malware Config
Extracted
- Family: icedid
- Campaign: 4105767744
- C2: frodupshopping.com
Signatures
- suricata: ET MALWARE Win32/IcedID Request Cookie
- Blocklisted process makes network request (1 IoCs)
  Processes: rundll32.exe
  flow 14, pid 2564, process rundll32.exe
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  Processes: rundll32.exe
  pid 2564, process rundll32.exe
  pid 2564, process rundll32.exe
Downloads
- memory/2564-130-0x0000000180000000-0x0000000180009000-memory.dmp
  Filesize: 36KB