Analysis
max time kernel: 95s
max time network: 110s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted: 03-10-2022 07:00
Static task: static1
Behavioral task: behavioral1
  Sample: greased.db.dll
  Resource: win7-20220901-en, windows7-x64
  3 signatures, 150 seconds
Behavioral task: behavioral2
  Sample: greased.db.dll
  Resource: win10v2004-20220901-en, windows10-2004-x64
  3 signatures, 150 seconds
General
Target: greased.db.dll
Size: 452KB
MD5: aac6ab4f1caf549ea190d3db9077a65f
SHA1: d78cb7235b1a9f3867f96d6ca062861d96ff6d81
SHA256: 2c17d9bdef6130eb1e3a4a5523b8b92ccb851d87661a38b141f43949f5b26915
SHA512: dcc9941d2c22989c3662a514f51167f375ae42852eea200dcfd901379dbce5c235f0f84f253f5e8d3393b8d4ccb993dc050f6a061a35547dd03feb18470713f2
SSDEEP: 6144:qu5bfQULr+agxZ49J//pZV2jCJOuIBJ0vm:quN5vgxZ6/RmuJOuWOm
Score: 10/10
Malware Config
Extracted
Family: icedid
Campaign: 2349072319
C2: sebdgoldingor.com
Signatures
Blocklisted process makes network request (2 IoCs)
Processes: rundll32.exe
  flow  pid   process
  2     1284  rundll32.exe
  4     1284  rundll32.exe
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: rundll32.exe
  pid   process
  1284  rundll32.exe
  1284  rundll32.exe