Analysis
max time kernel
92s
max time network
96s
platform
windows7_x64
resource
win7-20221111-en
resource tags
arch:x64 arch:x86 image:win7-20221111-en locale:en-us os:windows7-x64 system
submitted
18-11-2022 18:31
Static task
static1
Behavioral task
behavioral1
Sample
wifely.dll
Resource
win7-20221111-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
wifely.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
3 signatures
150 seconds
General
Target
wifely.dll
Size
49KB
MD5
f232967433d5490c9409a4b6a7568367
SHA1
fd5760d359e597daf91cdfea7415a870547f7ad2
SHA256
2ef312bd91e56ac551bc223b1c8a1a2c170bdd402a0f4845862ad497ade8c84e
SHA512
50a6532d06e2e5154d2c85a29044db875027d9b9a7e38647727d3902744e9c0cbe3da2605c9c17af11a7485dbff5b5cadfb984e89db622af2435a53d0c2068bc
SSDEEP
768:ki9IlCuxlaboLzk8FQm5OzR4HziHF47DPh/x8bQZ2w0Nt8ASwn5:kiWl3LzPIdEzqFI7v8sZE+ASwn5
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
3822462527
C2
sciiultaelinoza.com
Signatures
Blocklisted process makes network request 2 IoCs
Processes:
rundll32.exe
flow  pid   process
3     1724  rundll32.exe
4     1724  rundll32.exe
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
rundll32.exe
pid   process
1724  rundll32.exe
1724  rundll32.exe