General
-
Target
file
-
Size
382KB
-
Sample
211104-atzpaafee3
-
MD5
0f68185f2875019505c498e181421fdf
-
SHA1
f1e932466ac84c3a1e4e9d0b87a770306d5fb919
-
SHA256
bd03b373b18eba66c676a9a10bfed6ba813a2a90412c812946cf47def74b1915
-
SHA512
475946aa0ad6235432de51aab523e3d2f01dc9619938f4f7bdc11f3e36ebc5e1c7b6d6493d3fe37f4706975f23c88aa138577b204d1c7f19de0193dbc4842ef2
Static task
static1
Behavioral task
behavioral1
Sample
core.bat
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
core.bat
Resource
win10-en-20211014
Behavioral task
behavioral3
Sample
pigeon64.dat.dll
Resource
win7-en-20210920
Behavioral task
behavioral4
Sample
pigeon64.dat.dll
Resource
win10-en-20211014
Malware Config
Extracted
icedid
Extracted
icedid
1217670233
nnelforwfin.top
lakogrefop.rest
hangetilin.top
follytresh.co
-
auth_var
12
-
url_path
/posts/
Targets
-
-
Target
core.bat
-
Size
184B
-
MD5
2b4f27b826aec08eb90ff784b25d048d
-
SHA1
b1444548b53ec112797cc7d03a1e227fe71315ca
-
SHA256
b976471778c3abead8001c5a7db7d39b461e88bbd5322a579d86c1ca725375fb
-
SHA512
d6316825b5372e445941b75b08b04aaee49bab12d752dba4691aac8093100d1632a1b07e6b7d6899c528e6777f0bcfcd977e02a7f8d559b29e205703f573d434
Score10/10-
Blocklisted process makes network request
-
-
-
Target
pigeon64.dat
-
Size
159KB
-
MD5
de317e8f5ed28affbf38306925aa59a8
-
SHA1
38f670fadedf06bf12243b74618c5e4461416a6f
-
SHA256
b16bfd48ebbe416330327d2462bb5084bf0e3dfadd237b10e0c4670ed52532ef
-
SHA512
c9b02fa7effaeba55d1f324da2557c210b04b031991b1909d85dde90fed162d3c3afa8325ec96cd52f306074def915bf7c99e361502fea920bb33f68f322abce
Score10/10 -