Analysis
max time kernel: 153s
max time network: 159s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 11-11-2022 08:18
Static task: static1

Behavioral task: behavioral1
Sample: 7078612.dll
Resource: win7-20220812-en (windows7-x64)
3 signatures, 150 seconds

Behavioral task: behavioral2
Sample: 7078612.dll
Resource: win10v2004-20220901-en (windows10-2004-x64)
3 signatures, 150 seconds
General
Target: 7078612.dll
Size: 91KB
MD5: 2120174eaa75a9870c98a5751f8c97b6
SHA1: dc089c25a8b7e0d424475aba62b529fa82628f1e
SHA256: 7bb09ce68b85cd829f8a5abac097d1b270d03fab0f0db93218778f7d1c5efaab
SHA512: 7dccae41d851f465207e46608c280c01550b2257dd72c89a17839a92028c8d981405bfa8d06bbef2727b7e46d761ef652f5a7d2512bac93112795fd42484a4dd
SSDEEP: 1536:s7MciKmfn5eolbsVewMRnvMEUmpqHTIMjQuVFvPRYYAG2UDhyLPuOba6Qs+8ZJQ+:81m/hsJMYmpqHkqvJYYdRh1sap0aYOwf
Score: 10/10
Malware Config
Extracted
Family: icedid
Campaign: 1420621704
C2: aerbuschartint.com
Signatures

Blocklisted process makes network request (3 IoCs)
Processes: rundll32.exe
flow  pid  process
2     704  rundll32.exe
4     704  rundll32.exe
5     704  rundll32.exe

Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: rundll32.exe
pid  process
704  rundll32.exe
704  rundll32.exe