Analysis

  • max time kernel
    122s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14-11-2022 19:54

General

  • Target

    bb60465a9c47cacadb3209400d9ec8b35c9c5c81350bc355bcc476352621aaf8.dll

  • Size

    13KB

  • MD5

    f443cb6474bdd96fce56e997e0f03638

  • SHA1

    b807f1a5e701c2f2a83c265cb1dd1add8ad05c74

  • SHA256

    bb60465a9c47cacadb3209400d9ec8b35c9c5c81350bc355bcc476352621aaf8

  • SHA512

    30d912afda7ce9501fc8bdb4ef5a3c4eb0090e4d8e14c48a12023a2b68d893ec1025c1d9be276203828a1627ae283b956646db2ccbdac100d4b1c3073cbd1704

  • SSDEEP

    192:sHVMfa7TTCjJSixzPSAA56RCK7Yu/VPgwRbZJXBAQYfPq/3KbA:s1Mf0gJSix2AA56RCiZV59GQYnq/6bA

Malware Config

Extracted

  • Family
    icedid
  • Campaign
    1609463178

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\bb60465a9c47cacadb3209400d9ec8b35c9c5c81350bc355bcc476352621aaf8.dll
    • Suspicious behavior: EnumeratesProcesses
    PID:3440

Network

MITRE ATT&CK Matrix
