Overview

overview

10

Static

static

3

core/cmd.bat

windows7-x64

10

core/cmd.bat

windows10-2004-x64

10

core/syrupx64.dll

windows7-x64

10

core/syrupx64.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    92s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-12-2024 19:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    core/syrupx64.dll

  • Size

    31KB

  • MD5

    051c37b2a61be7d6423f6bb0e903de24

  • SHA1

    7ad50ed7e25b7a00416fd988e4785095a37cb534

  • SHA256

    65f7d007aec8c9a9e7dec1e1a4325762a57d701209bdc42f219dbf93803ef238

  • SHA512

    4c16feca4e3e2a6281b12902fd2e7c1d975fd9a666598e1e6dc65fae813f364e7f58543301cef3ab3961d3a43c369bce50903ce6e48a74acb211f1e70c164ab3

  • SSDEEP

    384:91fb0lSeiERRupSiTIOCq70HvydSeAcCSenPjSeCq8QoKQNzecf:91T0UwirE7HKcDyi+Dx1em

Score
10/10
icedid4221486031bankercore_loadertrojan

Malware Config

Extracted

Family

icedid

Botnet

4221486031

C2

xijsry.com

zanokiryq.com

gladmitter.com
Attributes
  • auth_var

    3

  • url_path

    /news/

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\core\syrupx64.dll,#1
    1⤵
      PID:4904

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4904-0-0x000001524A9A0000-0x000001524A9D7000-memory.dmp

      Filesize

      220KB

      Download