Overview

overview

10

Static

static

3

core.bat

windows7-x64

10

core.bat

windows10-2004-x64

10

false-64.dll

windows7-x64

10

false-64.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    94s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-12-2024 21:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    false-64.dll

  • Size

    119KB

  • MD5

    68f9ae07d149ab96cd3111e3cafd82c7

  • SHA1

    7f3d516e1ce5b60f9ab0cfcdbd903b4fdbc05680

  • SHA256

    02409f390f1c22afb54028c57c8c61d0ecdc609a4b59e1edcec15693dfe3d4d2

  • SHA512

    3addc218c768224ce55c10fa91b603e7f6190ef068665ed42ee818088231649e4f1170837b491a5c2abe4f3e3e8984b7f0f7c1e5572731c77242a2a773b4fadb

  • SSDEEP

    1536:y0YQOiboI9FEcpGOQ/Wf/dymU/Jcjqef2YQmUuFx1mdBLA4yz8YNKJlxH8L5vSwD:y0YQOIoifHQ/YdAcaRQM8DvT

Score
10/10
icedid1892568649bankercore_loadertrojan

Malware Config

Extracted

Family

icedid

Botnet

1892568649

C2

baeswea.com

bersaww.com
Attributes
  • auth_var

    10

  • url_path

    /news/

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\false-64.dll,#1
    1⤵
      PID:5056

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/5056-0-0x0000023B96340000-0x0000023B96377000-memory.dmp

      Filesize

      220KB

      Download

    • memory/5056-2-0x0000023B96340000-0x0000023B96377000-memory.dmp

      Filesize

      220KB

      Download