General
-
Target
core.zip
-
Size
349KB
-
Sample
210623-fa6mx24cr2
-
MD5
d86fa85a9902573abc91b7bc80c96e1c
-
SHA1
1202c844cf83f8605380e6b5754b619a7de3a67a
-
SHA256
512b17c540c622e90879c8f382013187f6053a858381364367c258639b34b21e
-
SHA512
05d6becba206748c1d4440ce5766e5265a2d8f0746e858b61d314b390bd5ad8e1d5be94c0bbfd3b4b84ae5cd6e3ae4ac63e084379dea824731a6431ce4a77be5
Static task
static1
Behavioral task
behavioral3
Sample
core/genre-64.dat.dll
Resource
win7v20210408
Behavioral task
behavioral4
Sample
core/genre-64.dat.dll
Resource
win10v20210408
Malware Config
Extracted
icedid
Extracted
icedid
987543880
fimlubindu.top
vindurualeg.top
bigcostarikas.top
extrimefigim.top
-
auth_var
8
-
url_path
/news/
Targets
-
Target
core/cmd.bat
-
Size
188B
-
MD5
18922a31adfef9144b9c68694a211b48
-
SHA1
1e63fbb6511e15ba07f555c11b2a05d63e49b5a3
-
SHA256
68867aec1fd8a6eb416081c747705e847de95c033f5b38eb57ea575c69397210
-
SHA512
573349edbae1baf769457402c65670b9d76facec7c056010a7b2a556d433d9176418cd4a2a39dd04654c3c4216019d27d47e15a6c1fd4f4fdcc57d5f98664a4a
-
Blocklisted process makes network request
-
Target
core/genre-64.dat
-
Size
48KB
-
MD5
1a90ea27cf944e04b70ca2f3c92ab6d9
-
SHA1
3cdb8c31496d5de43fcd627077f98a5548a22627
-
SHA256
039a59bfb6b07872a7bba707045f9639d029c2009b4c4297af1526cdaa07d479
-
SHA512
a41b590e5b2b1bcf1c6e5db066b74eec41e29976a2193e2bffc0f96571888e86f44197e813dd78f8814e752b70466e18622c27ea050ed954b2bf639157fac535
Score
1/10