General
Target: file
Size: 380KB
Sample: 211119-rs3szsdef7
MD5: 37a9f0026962ab3681968a95c1fb467b
SHA1: fee5d4621079facf4517310df5ae05fc907ce27c
SHA256: c445b342ec002cf6a2e7a2f01da939a79c374f830c9b1507acc2c30284db6ad2
SHA512: 1848bb58f83267bdeb37417c6277333fce994811a6ef3d6c6faf0ce9ef986601568a07773cd84317f755e14ec14a81a132ffbe3bb592d1335ed84c96f8306c1a
Static task: static1
Behavioral task: behavioral1
Sample: core.bat
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: core.bat
Resource: win10-en-20211104
Behavioral task: behavioral3
Sample: robust-32.dat.dll
Resource: win7-en-20211014
Behavioral task: behavioral4
Sample: robust-32.dat.dll
Resource: win10-en-20211104
Malware Config
Extracted
icedid
Extracted
icedid
2237127122
lokidasterreno.site
onmentalsocio.top
burgomustopr.rest
lopityr4.pw
auth_var: 3
url_path: /posts/
Targets
Target: core.bat
Size: 186B
MD5: 6658fcb22e8022f7d1048fd97b97610d
SHA1: 39463d86161a9ec5fbb1369a79a807ca833e35e1
SHA256: 619ff80d72c919bb0fa812f89d115b4f54ade7d6df9f236ba21ac390abd1172d
SHA512: 60df8563382619659d632db38b80908103d648e7821ea50a2378c0bc34009cd7589ebc8df2bf72165b973948cd2032365769fa3dda8b7860a27bf56600e9cbfd
Blocklisted process makes network request
Downloads MZ/PE file
Loads dropped DLL
Accesses Microsoft Outlook profiles
Target: robust-32.dat
Size: 67KB
MD5: 44ea8ab0eb40f791faee08907deb77e6
SHA1: 1e8c8b5faa2604e1708e4bea5ba3a7fac0474f62
SHA256: 1daaad6aa25bbd65b3f86d09a7480e71a4a768395786752cd1146dcd148f850c
SHA512: 8752fd02370edcb156ef645b773eefe14d8a2b2561ba919c2d2750d0062b4550ec7b50a15b6552925373efbf54777f68115f3137b7c96738328d15a387adeb66
Score: 10/10