General
-
Target
file
-
Size
382KB
-
Sample
211104-ak7crsfed8
-
MD5
14eca8dcd1d7f55fc00b0eb576e6c716
-
SHA1
7846c553275de01d2123364946a4a559dfb61ef9
-
SHA256
518b579371fd20b1fac46b91db010452eb348f2fef981a7f5f8c69e98ea730f8
-
SHA512
942284a8a99b843e9ab00b6aeb8ad99c7bdeb0300502c3ac3fe5de406e8b3ff5bb0b3faa336ed8cb8e92d74f36e3f1de85fe12403812b78d9ac9e6940181607f
Static task
static1
Behavioral task
behavioral1
Sample
core.bat
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
core.bat
Resource
win10-en-20210920
Behavioral task
behavioral3
Sample
pigeon64.dat.dll
Resource
win7-en-20210920
Behavioral task
behavioral4
Sample
pigeon64.dat.dll
Resource
win10-en-20211014
Malware Config
Extracted
icedid
Extracted
icedid
1217670233
nnelforwfin.top
lakogrefop.rest
hangetilin.top
follytresh.co
-
auth_var
12
-
url_path
/posts/
Targets
-
-
Target
core.bat
-
Size
184B
-
MD5
2b4f27b826aec08eb90ff784b25d048d
-
SHA1
b1444548b53ec112797cc7d03a1e227fe71315ca
-
SHA256
b976471778c3abead8001c5a7db7d39b461e88bbd5322a579d86c1ca725375fb
-
SHA512
d6316825b5372e445941b75b08b04aaee49bab12d752dba4691aac8093100d1632a1b07e6b7d6899c528e6777f0bcfcd977e02a7f8d559b29e205703f573d434
Score10/10-
Blocklisted process makes network request
-
-
-
Target
pigeon64.dat
-
Size
159KB
-
MD5
de317e8f5ed28affbf38306925aa59a8
-
SHA1
38f670fadedf06bf12243b74618c5e4461416a6f
-
SHA256
b16bfd48ebbe416330327d2462bb5084bf0e3dfadd237b10e0c4670ed52532ef
-
SHA512
c9b02fa7effaeba55d1f324da2557c210b04b031991b1909d85dde90fed162d3c3afa8325ec96cd52f306074def915bf7c99e361502fea920bb33f68f322abce
Score10/10 -