Analysis
max time kernel: 139s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20230915-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
submitted: 12-10-2023 12:51
Static task: static1
Behavioral task: behavioral1
Sample: e71772b0518fa9bc6dddd370de2d6b0869671264591d377cdad703fa5a75c338.dll
Resource: win7-20230831-en
3 signatures
150 seconds
General
Target: e71772b0518fa9bc6dddd370de2d6b0869671264591d377cdad703fa5a75c338.dll
Size: 202KB
MD5: 14f37c8690dda318f9e9f63196169510
SHA1: 306e4ede6c7ea75ef5841f052f9c40e3a761c177
SHA256: e71772b0518fa9bc6dddd370de2d6b0869671264591d377cdad703fa5a75c338
SHA512: 33c7112ef61c7ef8f4bdec84ebb04559543226dd6d2bd6fdbf72463aae31bb9fbef5adb06cc9cfeb3bd8e8516fb9573072dd39d0ef8d422f907468e750187d0d
SSDEEP: 3072:b27BXMOgLBU5OdG+jsMOcpHDOgNlfb/BIqeeaqptN:b2NdsPdG+DOirCOaC
Malware Config
Extracted
Family: icedid
Campaign: 89792758
C2: trentonkaizerfak.com
Signatures
Blocklisted process makes network request (3 IoCs)
Processes:
flow  pid   process
30    4900  rundll32.exe
68    4900  rundll32.exe
77    4900  rundll32.exe

Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes:
pid   process
4900  rundll32.exe
4900  rundll32.exe
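A hunting example added here, not part of the sandbox report, that turns the report's indicators into detection logic and runs it over constructed Sysmon-style events: the sample's MD5/SHA256 (matched on image-load records), the extracted C2 domain (matched on network-connect records), and the behavioural signature "rundll32.exe makes network request". The event lines, file paths, the browser process and pid 5000 are constructed for the example; the regsvr32.exe entry in the loader list is an assumption added by analogy, not something the report observed. Hash matches only ever catch this exact file, so the example correlates by pid and treats "known sample loaded" plus "C2 contact" from the same process as the high-confidence condition, with the bare LOLBin-network rule kept as a lower-confidence lead.

```python
"""Hunt for the report's IcedID loader pattern in Sysmon-style telemetry.

Added example; not part of the sandbox report. Indicators come from the
report (sample MD5/SHA256, C2 domain, rundll32.exe as the loader process).
The event lines are CONSTRUCTED to look like Sysmon EID 1/3/7 records
exported as JSON lines; paths, pids other than 4900 and hostnames other
than the C2 are made up for the example.
"""
import json
from collections import defaultdict

# Indicators taken from the sandbox report.
SAMPLE_SHA256 = "e71772b0518fa9bc6dddd370de2d6b0869671264591d377cdad703fa5a75c338"
SAMPLE_MD5 = "14f37c8690dda318f9e9f63196169510"
C2_DOMAINS = {"trentonkaizerfak.com"}
# Assumption: LOLBin loaders whose outbound connections are worth flagging.
# rundll32.exe is what the report observed; regsvr32.exe is added by analogy.
LOLBIN_LOADERS = {"rundll32.exe", "regsvr32.exe"}

# Constructed events (not real telemetry). EID 1 = ProcessCreate,
# EID 7 = ImageLoad, EID 3 = NetworkConnect. Sysmon writes the Hashes
# field as "MD5=...,SHA256=..." with upper-case hex.
SAMPLE_LOG = r"""
{"EventID": 1, "ProcessId": 4900, "Image": "C:\\Windows\\System32\\rundll32.exe", "CommandLine": "rundll32.exe C:\\Users\\user\\AppData\\Local\\Temp\\loader.dll,#1", "ParentImage": "C:\\Windows\\explorer.exe"}
{"EventID": 7, "ProcessId": 4900, "Image": "C:\\Windows\\System32\\rundll32.exe", "ImageLoaded": "C:\\Users\\user\\AppData\\Local\\Temp\\loader.dll", "Hashes": "MD5=14F37C8690DDA318F9E9F63196169510,SHA256=E71772B0518FA9BC6DDDD370DE2D6B0869671264591D377CDAD703FA5A75C338"}
{"EventID": 3, "ProcessId": 4900, "Image": "C:\\Windows\\System32\\rundll32.exe", "DestinationHostname": "trentonkaizerfak.com", "DestinationPort": 443}
{"EventID": 3, "ProcessId": 4900, "Image": "C:\\Windows\\System32\\rundll32.exe", "DestinationHostname": "trentonkaizerfak.com", "DestinationPort": 80}
{"EventID": 1, "ProcessId": 5000, "Image": "C:\\Windows\\System32\\rundll32.exe", "CommandLine": "rundll32.exe shell32.dll,Control_RunDLL", "ParentImage": "C:\\Windows\\explorer.exe"}
{"EventID": 3, "ProcessId": 5000, "Image": "C:\\Windows\\System32\\rundll32.exe", "DestinationHostname": "update.example.net", "DestinationPort": 443}
{"EventID": 3, "ProcessId": 1234, "Image": "C:\\Program Files\\Browser\\browser.exe", "DestinationHostname": "www.example.com", "DestinationPort": 443}
"""


def parse_hashes(field):
    """Split Sysmon's 'MD5=...,SHA256=...' Hashes field into {ALGO: lowercase hex}."""
    out = {}
    for part in field.split(","):
        algo, sep, value = part.partition("=")
        if sep:
            out[algo.strip().upper()] = value.strip().lower()
    return out


def basename(path):
    """Last path component, lower-cased, for Windows or POSIX separators."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def parse_events(text):
    """Parse JSON-lines telemetry into a list of dicts, skipping blank lines."""
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]


def evaluate(events):
    """Return (pid, rule_name, detail) findings for the three rules."""
    findings = []
    for ev in events:
        pid = ev.get("ProcessId")
        eid = ev.get("EventID")
        image = basename(ev.get("Image", ""))
        if eid == 7:
            # Known-sample rule: the report's hashes seen on a loaded image.
            hashes = parse_hashes(ev.get("Hashes", ""))
            if hashes.get("SHA256") == SAMPLE_SHA256 or hashes.get("MD5") == SAMPLE_MD5:
                findings.append((pid, "known_sample_loaded", ev.get("ImageLoaded")))
        elif eid == 3:
            host = ev.get("DestinationHostname", "").lower()
            # C2 rule: any process talking to the extracted C2 domain.
            if host in C2_DOMAINS:
                findings.append((pid, "c2_contact", host))
            # Behavioural rule mirroring "blocklisted process makes network request".
            if image in LOLBIN_LOADERS:
                findings.append((pid, "lolbin_network", host))
    return findings


def summarize(findings):
    """Correlate findings by pid: {pid: set(rule_name)}."""
    by_pid = defaultdict(set)
    for pid, rule, _ in findings:
        by_pid[pid].add(rule)
    return dict(by_pid)


def high_confidence_pids(findings):
    """Pids where the known sample was loaded AND that process reached the C2."""
    return sorted(pid for pid, rules in summarize(findings).items()
                  if {"known_sample_loaded", "c2_contact"} <= rules)


if __name__ == "__main__":
    found = evaluate(parse_events(SAMPLE_LOG))
    for pid, rules in sorted(summarize(found).items()):
        print(f"pid {pid}: {', '.join(sorted(rules))}")
    print("high confidence:", high_confidence_pids(found))
```

On the constructed log, pid 4900 trips all three rules and is the only high-confidence hit; pid 5000 (a legitimate rundll32.exe Control Panel launch) only trips the behavioural rule, which is why that rule is kept as a lead rather than an alert on its own.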