Analysis
max time kernel: 44s
max time network: 48s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted: 21-11-2022 12:19
Static task: static1
Behavioral task: behavioral1
Sample: 5397c0a9bed881d599e89ce303475f852ad677e248036f1b8d273051f1a50da0.exe
Resource: win7-20220901-en, windows7-x64
2 signatures
150 seconds
General
Target: 5397c0a9bed881d599e89ce303475f852ad677e248036f1b8d273051f1a50da0.exe
Size: 596KB
MD5: 14545a35632ed4da111face279f17c67
SHA1: 3d557bf8f649b4a0ec328c82b4178846b5854dec
SHA256: 5397c0a9bed881d599e89ce303475f852ad677e248036f1b8d273051f1a50da0
SHA512: 0d8b5d935f289d33f64883a6f9523d29f2e83a4da9f00d46224ea745db7be13300d770a62052b7e924492c55297a14920c639e854973d732cc644e511af38277
SSDEEP: 6144:KQJt0hn3E6U3DHpwKyLmKyLmKyLKjP0ux89vqqrDanemkfUPFQ/dA:tu1spwkkwjh8tGXkcM2
Malware Config
Extracted
Family: icedid
Campaign: 181658900
C2: asiksliopakt.com
Signatures
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes:
5397c0a9bed881d599e89ce303475f852ad677e248036f1b8d273051f1a50da0.exe
pid process
1264 5397c0a9bed881d599e89ce303475f852ad677e248036f1b8d273051f1a50da0.exe
1264 5397c0a9bed881d599e89ce303475f852ad677e248036f1b8d273051f1a50da0.exe