icedid | d3d0e3512bf398aa0699fe1a57cd769fd0ef1801c110aea63c469f7632f36d50 | Triage

Submit
Reports

Overview

overview

Static

static

d3d0e3512b...50.dll

windows7-x64

1

d3d0e3512b...50.dll

windows10-2004-x64

1

Sharing

Static task

static1

loader 1139942657 icedid

1 signatures

Behavioral task

behavioral1

Sample

d3d0e3512bf398aa0699fe1a57cd769fd0ef1801c110aea63c469f7632f36d50.dll

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

d3d0e3512bf398aa0699fe1a57cd769fd0ef1801c110aea63c469f7632f36d50.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

d3d0e3512bf398aa0699fe1a57cd769fd0ef1801c110aea63c469f7632f36d50
Size

18KB
MD5

bc899c459a26537cea1e3dcca4fa2af9
SHA1

05a0a49fc4dd8a0826265ccd3294ad6cfb84c1ae
SHA256

d3d0e3512bf398aa0699fe1a57cd769fd0ef1801c110aea63c469f7632f36d50
SHA512

7796ae5d38802012a130022e41f65c20ee3b63cb1fde2f422be9f13d126da0fded500a7444666ea4a3c018c904e3adcfdd99c56d7f5dc4d65a75047dd8fafbfc
SSDEEP

384:qAjD8hMkNz6SZglp19MhIwNp0GJm3Ru16LfmHzP9CH2cok4QtmV:qAjD8/N16uXzJV8rmTP9CH5ok4QtQ

Score

10^/10

loader 1139942657 icedid

Malware Config

Extracted

Family

icedid

Campaign

1139942657

C2

bayernbadabum.com

Signatures

Icedid family
icedid

Files

d3d0e3512bf398aa0699fe1a57cd769fd0ef1801c110aea63c469f7632f36d50
.dll regsvr32 windows x64

6a86fe02ef45134cb33cc36718864acd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Sleep
CreateThread
GetLastError
lstrcatA
GetTempPathA
lstrcpyA
CreateDirectoryA

user32

wsprintfW

shell32

SHGetFolderPathA

msvcrt

calloc
free
realloc
memset

Exports

Exports

DllRegisterServer
EntryPoint

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy