Analysis
- max time kernel: 30s
- max time network: 33s
- platform: windows7_x64
- resource: win7-20221111-en
- resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
- submitted: 21-11-2022 12:20
Static task
static1
Behavioral task
behavioral1
Sample
96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9.exe
Resource
win7-20221111-en
windows7-x64
2 signatures
150 seconds
General
- Target: 96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9.exe
- Size: 560KB
- MD5: d997fb33d0ad2cc1ddf6214af84d4a2a
- SHA1: 175026fc7ba8c7b0566264723561cca250f48f07
- SHA256: 96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9
- SHA512: ff414cbdbe82594d599ca487f9ddba98593270d98dd2a4eee4c0f8703200be08264d17a77836ab4421a5f0614a06ac97b66bb00bd4ecca6df0ed6abf2fc9e45a
- SSDEEP: 6144:AQJt0hn3E6U3DHpwKyLmKyLmKyL36cYV6b4/O47KkOPowb9wZTR:Du1spwkk9UVT7twRaV
Malware Config
Extracted
- Family: icedid
- Campaign: 181658900
- C2: asiksliopakt.com
Signatures
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: 96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9.exe
pid process
1632 96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9.exe
1632 96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9.exe