icedid | 008a674e33435ce0b892d0a68ac6d01f9606c040da87b21a10ed069729ee04ff

Analysis

max time kernel
117s
max time network
127s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/04/2024, 09:08 UTC

Target

008a674e33435ce0b892d0a68ac6d01f9606c040da87b21a10ed069729ee04ff.dll
Size

164KB
MD5

5cee9f5471e84ef4df2733d371e019d9
SHA1

8f3d62d73b70267156e40a3cebe16430718aa4d4
SHA256

008a674e33435ce0b892d0a68ac6d01f9606c040da87b21a10ed069729ee04ff
SHA512

69758a183204feed5ced5e1838c58e309861da098f4b54a8f758bf520b0e1a326687a2b0f19e97209f118b39c95545fe9b1b585f859e25857b9043816c88092a
SSDEEP

3072:LgjO2yg5iUN+Sh0dCh/0HSMRNX4+OCMNego6AZ+qZoz:Ltjg5bThmM2SQNgAZ+q

Score

10^/10

Family

icedid

Botnet

2354879232

gadverjo.com

hevciak.com

reseptors.com

smallbadcity.com

Attributes

IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
trojan banker icedid

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\008a674e33435ce0b892d0a68ac6d01f9606c040da87b21a10ed069729ee04ff.dll,#1
1⤵
PID:2628

memory/2628-0-0x000007FFFFFA0000-0x000007FFFFFA5000-memory.dmp

Filesize
20KB

Download
memory/2628-1-0x000007FFFFFA0000-0x000007FFFFFA5000-memory.dmp

Filesize
20KB

Download