Analysis
max time kernel
97s
max time network
110s
platform
windows7_x64
resource
win7-20220812-en
resource tags
arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
submitted
28-09-2022 13:11
Static task
static1
Behavioral task
behavioral1
Sample
c3aa5d375930415935b167cb7c92e7de.dll
Resource
win7-20220812-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
c3aa5d375930415935b167cb7c92e7de.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
3 signatures
150 seconds
General
Target
c3aa5d375930415935b167cb7c92e7de.dll
Size
452KB
MD5
c3aa5d375930415935b167cb7c92e7de
SHA1
a072e771509f014530a769811c76f2ad67389a54
SHA256
65e45942fd86dca630ae7fea45d6d7aeb231a2ab29572b7649212d2822cfc43f
SHA512
42d22a255530c9f6c98f219994c5f4ecb3a51c11de840b152e189975feb9529a391c22aaa1dcc9107d537498f103480d281914d675270ed84e5a484b4c7ad15d
SSDEEP
6144:ST5bfQULr+agxZ49J//pZV2jCJOuIBJ0vr:STN5vgxZ6/RmuJOuWOr
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
2349072319
C2
sebdgoldingor.com
Signatures
Blocklisted process makes network request
2 IoCs
Processes:
rundll32.exe
flow  pid  process
2     748  rundll32.exe
4     748  rundll32.exe
Suspicious behavior: EnumeratesProcesses
2 IoCs
Processes:
rundll32.exe
pid  process
748  rundll32.exe
748  rundll32.exe