General
-
Target
file
-
Size
380KB
-
Sample
211124-vln8ssgdf6
-
MD5
934af4e101fd07ed58701663e59027f5
-
SHA1
151534684364c20f685ec8e59af469a3d7a5cbb7
-
SHA256
fbe3fc4926ed67359b39778cbc6c39f681d859bb21d64028d5f86cbc7ad14811
-
SHA512
5d097e3da71194072f56e49002166f3eeff51cd9035f39dfb34e527fcb238750ed7777f6fe4c899a30ec7f6b9b1ccad8e0a9d56d8d6c92adfe0fae0ec58bb318
Static task
static1
Behavioral task
behavioral1
Sample
core.bat
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
core.bat
Resource
win10-en-20211014
Behavioral task
behavioral3
Sample
group_32.tmp.dll
Resource
win7-en-20211104
Behavioral task
behavioral4
Sample
group_32.tmp.dll
Resource
win10-en-20211014
Malware Config
Extracted
icedid
Extracted
Family: icedid
Campaign: 2237127122
C2:
lokidasterreno.site
burgomustopr.rest
lopityr4.pw
rocesdilin.top
Attributes:
auth_var: 6
url_path: /posts/
Targets
-
-
Target
core.bat
-
Size
184B
-
MD5
7ad0df2088d6f4b4f1ab680985460161
-
SHA1
2611de6578b61c2f806ddd5d2bdab3c284936167
-
SHA256
550b39c60eca29760f353e42deffac5f8c7dcfd5b9f44132ba2ed29f6d0293f8
-
SHA512
82571323d4beffae2417e2e4231faba8609fc0b7fd178d942ed5ad3113b44d4ecb2d150bcb963c0c42ce9a4847d0e8535312675f6b7837e4b6c316ecec004261
Score: 10/10
Blocklisted process makes network request
-
-
-
Target
group_32.tmp
-
Size
64KB
-
MD5
e6d3086f7370e07e3217142f13f44bef
-
SHA1
2cbbb7f93e43727b4dd1d3e1cc45d7a2c3e90c6e
-
SHA256
7c8185c7f9fa5f7b2e402fbf5831fde7fa1c23fda6684472d137ebacf6888571
-
SHA512
6117ad25adb8988bbebcb378305eadc8c5a9e8e4610910295ae4a07e7479d2b343ed6c303b2fbb752cf8df7cc614802cdbe53dac958d17a75ea4f487b3b702e9
Score: 10/10