General
-
Target
countViewSelect.hta
-
Size
3KB
-
Sample
210506-acpfav6n1s
-
MD5
a1f07f22e32902cf1c2493e3886e4ee6
-
SHA1
af0d2e3e25b4c406b6f43585a66b2b2e7a4d527c
-
SHA256
1b61d75451a001135e801d87d846f97819c3bb43419d95bacbe5c5593632ffc2
-
SHA512
afe32dc8f0477df39a0f0327eba321a3a37cc114bb8c4e4a4e689038c2cec438a819b29f33c415acf2166197e70ff43363bf11f17be09dd5c711b3dac4df62d7
Static task
static1
Behavioral task
behavioral1
Sample
countViewSelect.hta
Resource
win7v20210408
Behavioral task
behavioral2
Sample
countViewSelect.hta
Resource
win10v20210410
Malware Config
Extracted
icedid
2941843931
dsedertyhuiokle.top
Targets
-
-
Target
countViewSelect.hta
-
Score
10/10
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-