icedid | 1708-54-0x0000000180000000-0x0000000180009000-memory[.]dmp | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1708-54-0x...ry.dll

windows7-x64

3

1708-54-0x...ry.dll

windows10-2004-x64

3

Sharing

Static task

static1

loader 600996711 icedid

1 signatures

Behavioral task

behavioral1

Sample

1708-54-0x0000000180000000-0x0000000180009000-memory.dll

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

1708-54-0x0000000180000000-0x0000000180009000-memory.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1708-54-0x0000000180000000-0x0000000180009000-memory.dmp
Size

36KB
MD5

d8308d284b95b8d1220dfd9840cd05f3
SHA1

b707ffec4b1ac680866ac5269908ec656335b34e
SHA256

9d9e26ecf69f1205ed30bf602dc9b148e6d049a956ed8644eb143523eec947cf
SHA512

704d6a4f51641608ce347e1984ac40722a9e509c0cf012025f301a600fdeadf3dd3f315b3f54e40b86e9d9737f13d02d7094cfe0f2c1bb5d6103db50b7877b99
SSDEEP

192:hHVMfa7TTCjJSixzPSAA56RCK7Yu/VPgw3XBAQYfPq/3Kb:h1Mf0gJSix2AA56RCiZV9GQYnq/6b

Score

10^/10

loader 600996711 icedid

Malware Config

Extracted

Family

icedid

Campaign

600996711

C2

axilapodiumz.com

Signatures

Icedid family
icedid

Files

1708-54-0x0000000180000000-0x0000000180009000-memory.dmp
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.c
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.