Overview

overview

10

Static

static

3

core 2/cmd.bat

windows7-x64

1

core 2/cmd.bat

windows10-2004-x64

1

core 2/flush-32.dll

windows7-x64

10

core 2/flush-32.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    94s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/12/2024, 18:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    core 2/flush-32.dll

  • Size

    36KB

  • MD5

    7cec6a569641cccd49feaf7da98f357f

  • SHA1

    8ebb0931fc902d96a962f394fd567a2d170308eb

  • SHA256

    6afab1b1ef967ae3065a39108da0bea76ae88ae4a893d8106dabe679d96a51b4

  • SHA512

    40f2b37bdbec174ae13f9d010c596d734cef0ba5d1efa94d08a0eef9f1c171cb0e1cac23d17b42c4f90341d78ea508cc7ab6a63bbd8185bb98eb4b33a3207d38

  • SSDEEP

    384:s+d2+yoP2mwZOYgDZ02EQixOai3eqclA1uu6lA0vg62RRF8uRRd:s+d/DtPDZ0kix9i3ey1d6r46wP9L

Score
10/10
icedid3501025339bankercore_loadertrojan

Malware Config

Extracted

Family

icedid

Botnet

3501025339

C2

wokitoki.top

selenaserena.today

compozitiminass.top

dakestoci.top
Attributes
  • auth_var

    1

  • url_path

    /news/

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\core 2\flush-32.dll",#1
    1⤵
      PID:552

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/552-0-0x0000014926680000-0x00000149266B7000-memory.dmp

      Filesize

      220KB

      Download