Overview

overview

10

Static

static

3

b5e2ad5408...2e.dll

windows7-x64

10

b5e2ad5408...2e.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    09-06-2024 07:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b5e2ad54080589007d5d50c7fa886f6a7299265a60b4aee073e3ae7b9e89d22e.dll

  • Size

    38KB

  • MD5

    9eab152235102355a9ac0293a1c22562

  • SHA1

    e7bd145aecfde1acc497492746e37b53445dda7f

  • SHA256

    b5e2ad54080589007d5d50c7fa886f6a7299265a60b4aee073e3ae7b9e89d22e

  • SHA512

    ebd4c439a5a0173207209b1834de209e94b7ff83386225a9c22eae30358cda00d07155ac7cc2205b0bef9401706d0d3d5568ff14a97b8698574c6f762bd3f479

  • SSDEEP

    384:3Ss9+y4P2mwASOYgDZE2UQixOai3II7ZUq7WoiZHM9pP8njLlMGaZHM9pg:3SsETLJPDZE0ix9i3I0ZWqMM

Score
10/10
icedid1465037635bankercore_loadertrojan

Malware Config

Extracted

Family

icedid

Botnet

1465037635

C2

parkinihol.top

iserunifish.top

souldeppen.today

lidclimmon.top
Attributes
  • auth_var

    4

  • url_path

    /news/

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\b5e2ad54080589007d5d50c7fa886f6a7299265a60b4aee073e3ae7b9e89d22e.dll,#1
    1⤵
      PID:3068

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3068-0-0x00000000002C0000-0x00000000002F7000-memory.dmp

      Filesize

      220KB

      Download