General

  • Target

    unpacked_svchost.exe

  • Size

    16KB

  • MD5

    22631afc7d9706f566995833748de97f

  • SHA1

    f371c5f78437db887f1717b0eaf594295b0f4969

  • SHA256

    79449670340d763f164bbda0a32e38f3d06a2a3b6cee41d92c47f448710e015a

  • SHA512

    56e119dd3a4f0b9523d4cba4647333fb31e38af2456168c9a14f313e656e662dfdd70d9fec1d897bebc8ba91ab15cc3017651cf68d044e0b74f4f05960b69b82

  • SSDEEP

    96:MMqEESUUhDYXAybZACN3fICtECLi0/r3mvuHg3:MMqr7UhcXAybZBrWwjM3

Score

  • 10/10

Malware Config

Extracted

  • Family

    icedid

  • Botnet

    507327483

  • C2

    boldidiotruss.xyz

    nizaoplov.xyz

    153ishak.best

    ilu21plane.xyz

  • Attributes

    auth_var: 2

    url_path: /index.php

Signatures

  • IcedID Second Stage Loader (1 IoC)
  • IcedID family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • unpacked_svchost.exe
    .exe windows:5 windows x86 arch:x86

    0e18f33408be6e4cb217f0266066c51c
