General
Target: core.zip
Size: 382KB
Sample: 211104-s8qn2aghg4
MD5: d3865da71a0c3405b9cf3b0635047217
SHA1: 9231f3db214b5328169bdac1db9fa409e52538dc
SHA256: 1b7dd10e893720eacb20354eb2873f2d219e0e1f57be1cae7af00f488aa669f8
SHA512: 2fb779b837029420ad7ae1002eb91db2b93d4ecae81044a6b27de79085a0efd04da5927c3cd2b4c3524b632886becb99e07e4e7d0c30ced743e47faf44f1c851

Static task: static1

Behavioral task: behavioral1
Sample: core/pigeon64.dat.dll
Resource: win7-en-20210920

Behavioral task: behavioral2
Sample: core/pigeon64.dat.dll
Resource: win10-en-20210920

Behavioral task: behavioral3
Sample: core/cmd.bat
Resource: win7-en-20211014

Behavioral task: behavioral4
Sample: core/cmd.bat
Resource: win10-en-20210920

Malware Config
Extracted
icedid
1217670233
nnelforwfin.top
lakogrefop.rest
hangetilin.top
follytresh.co
auth_var: 12
url_path: /posts/
Extracted
icedid

Targets

Target: core/cmd.bat
Size: 191B
MD5: 4abc6fa88d816505d38bd81fc1bedad8
SHA1: 9d6076a565be4f1f621c85a69afdc0a14cc07290
SHA256: 8327701ebf41547606cc4fa1461609c40d9662a553f4baece4f6534cc5a94799
SHA512: 5d3359e5cc9308d681e3dad628caa2768aa7de1e3c4fb4a3588ae263a05f43d889f2b7e843f42c96ca1ac6bcb4fa53fe4b5dbf7d1636bda91fda6ce1eb801292
Score: 10/10

Target: core/pigeon64.dat
Size: 159KB
MD5: de317e8f5ed28affbf38306925aa59a8
SHA1: 38f670fadedf06bf12243b74618c5e4461416a6f
SHA256: b16bfd48ebbe416330327d2462bb5084bf0e3dfadd237b10e0c4670ed52532ef
SHA512: c9b02fa7effaeba55d1f324da2557c210b04b031991b1909d85dde90fed162d3c3afa8325ec96cd52f306074def915bf7c99e361502fea920bb33f68f322abce
Score: 10/10
Blocklisted process makes network request