Analysis
max time kernel: 122s
max time network: 125s
platform: windows7_x64
resource: win7-20221111-en
resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted: 20-01-2023 22:19
Behavioral task
behavioral1
Sample
8104d707908e315d67575ace9952cc72a4ddae61395899af2710d4827e706a1d.dll
Resource
win7-20221111-en
windows7-x64
3 signatures
150 seconds
General
Target: 8104d707908e315d67575ace9952cc72a4ddae61395899af2710d4827e706a1d.dll
Size: 13KB
MD5: bbb5e004e2fbc5e88dba4aa163bf4829
SHA1: b33998fc4a74e8e57918ecc05b234d85b406786b
SHA256: 8104d707908e315d67575ace9952cc72a4ddae61395899af2710d4827e706a1d
SHA512: 5491cea9d1a55d17308dfdf3c07c5a0aae92de1d3f2649aa84b0d44e4ffe0092392c815ad93541f1ca64274f5b99cd2fef15da5326d99f5a67106d0279715b65
SSDEEP: 384:J5Jxayczq7Yjt9lfle9s6PLaQ6kYGi8i:J5DHYeIlfle9HDNi
Malware Config
Extracted
Family: icedid
Campaign: 886885680
Signatures
Blocklisted process makes network request 3 IoCs
Processes: rundll32.exe
flow  pid   process
2     1504  rundll32.exe
5     1504  rundll32.exe
6     1504  rundll32.exe
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes: rundll32.exe
pid   process
1504  rundll32.exe
1504  rundll32.exe