Analysis
max time kernel: 133s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 03-02-2023 03:35
Behavioral task: behavioral1
Sample: 6d2389a68dabe362e1cc83907680ef143384187f42c0d3fbb55b87ed2284271e.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 6d2389a68dabe362e1cc83907680ef143384187f42c0d3fbb55b87ed2284271e.dll
Resource: win10v2004-20220812-en
General
Target: 6d2389a68dabe362e1cc83907680ef143384187f42c0d3fbb55b87ed2284271e.dll
Size: 13KB
MD5: 6fd1466075575c24e661d4d6cf2db3fa
SHA1: f6f107ec7eea9ecc5cab57f1ace5566755b0befa
SHA256: 6d2389a68dabe362e1cc83907680ef143384187f42c0d3fbb55b87ed2284271e
SHA512: bc74a56049d643088d2f766e4c9e74ed1ac8913a092f4128e9c7b4e0b0153b1fdc354a6b06d40d8fb0844a5859158fae52245d87f901ec133817e8820b4b817a
SSDEEP: 192:Xu+nM5KC/zxayGc3gzq7YjDaqzJCueT+RfbZne9s6PLlGtMP0tkYGijYz:K5Jxayczq7Yjt9lfle9s6PLaQ6kYGi8
Malware Config
Extracted
icedid
2255569783
Signatures
Blocklisted process makes network request 3 IoCs
Processes:
rundll32.exe
flow  pid   process
4     4532  rundll32.exe
43    4532  rundll32.exe
69    4532  rundll32.exe
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
rundll32.exe
pid   process
4532  rundll32.exe
4532  rundll32.exe