Analysis
max time kernel: 53s
max time network: 71s
platform: windows10-2004_x64
resource: win10v2004-20220721-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220721-en, locale:en-us, os:windows10-2004-x64, system
submitted: 21/07/2022, 13:02
Static task: static1
Behavioral task: behavioral1
Sample: make.dll
Resource: win7-20220718-en
4 signatures
150 seconds
General
Target: make.dll
Size: 181KB
MD5: 1094bdc0d94e649e0633cc92f9da8678
SHA1: 7ec62b8731e1272c0940c82a9e7781727406f3be
SHA256: 78cce189647150d2e9f7e041c9112fe183d33967f3e45e55e8bba86c1c59abb7
SHA512: 605bdac1b1d2ac4ff05e0a0244b6e285db48318c3fc6a026823bf1168b48b8d3e853229404e9787857ffaf83942d93055df85cbe7e1b1349757382b1e94aaacb
Malware Config
Extracted
Family: icedid
Campaign: 901680721
C2: explorblins.com
Signatures
suricata: ET MALWARE Win32/IcedID Request Cookie

Blocklisted process makes network request (1 IoCs)
flow  pid   Process
2     4284  rundll32.exe

Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid   Process
4284  rundll32.exe
4284  rundll32.exe