Analysis
max time kernel
104s
max time network
122s
platform
windows7_x64
resource
win7-20230220-en
resource tags
arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted
07-05-2023 09:08
Static task
static1
Behavioral task
behavioral1
Sample
jug.dll
Resource
win7-20230220-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
jug.dll
Resource
win10v2004-20230221-en
windows10-2004-x64
3 signatures
150 seconds
General
Target
jug.dll
Size
317KB
MD5
c0d45a442b3f1ef9d795e7b83c8fff4a
SHA1
b5f3bc186cac696e0664c32c1f4036414f1d5538
SHA256
30f7e6a787e359b165a870828621b7c75e39cd2452abe8c707afb28e0b50870d
SHA512
2a38fa803ad575028e715bcb7b4fc02f8009aa5bee22b3466df23e084ae8c304d717735f2aa0ccaf41ad9522f62909c0c92778b8e784ae55032b7ec468affcae
SSDEEP
6144:hiaIMPl3fdywZzWsIRhcY2EmQ77BkP7+sPI1AFT:hiaxP58X2ikP7U1A1
Score
10/10
Malware Config
Extracted
Family
icedid
Campaign
1023645195
C2
trallfasterinf.com
Signatures
Blocklisted process makes network request (2 IoCs)
Processes: rundll32.exe
flow  pid   process
2     1700  rundll32.exe
6     1700  rundll32.exe
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: rundll32.exe
pid   process
1700  rundll32.exe
1700  rundll32.exe