General
Target: file
Size: 386KB
Sample: 220222-tn54naahe4
MD5: 71d5b8c8428f8e2d49d622a278bc0f9b
SHA1: 6670e41ef8d4c2009e2724afb68bf3a4c8dde74d
SHA256: 4a1e79e6833daa66920cf392b5d8824c974f949b8cf030f84c7cdd614a7593e4
SHA512: 17db1352f21e0403c175c221a0d9401ac959a6f6cd34bf6a10c8ea88fd3e72a7d9ec30ca560717b8fc57e583be0c6941ed7c027309c8d8a3dd39cc0b60925a0c

Static task: static1

Behavioral task: behavioral1
Sample: core.bat
Resource: win7-en-20211208

Behavioral task: behavioral2
Sample: core.bat
Resource: win10v2004-en-20220113

Behavioral task: behavioral3
Sample: disagree_64.dll
Resource: win7-en-20211208

Behavioral task: behavioral4
Sample: disagree_64.dll
Resource: win10v2004-en-20220112

Malware Config
Extracted
icedid
Extracted
icedid
3106999479
balliordan.com
oprenfirst.com
loremurs.com
auth_var: 17
url_path: /news/

Targets
Target: core.bat
Size: 190B
MD5: b371a32954a65fd25242c7bc6ee7d016
SHA1: 7b578f9159af52d1d28cfaf51d98dfe981ecf051
SHA256: 4b9de41732720ad65ebc31cdefd50c4586dfac2fbdd7cd572212ecfacadad78e
SHA512: dced839b0fd50d9e20a8781e1c81f366361a4e3471b61253ac999e160acd144bc2799f6e907cca31dad129fee9a5831bb820f0076524e57f3dc3174e325d8a7c
Score: 10/10
Blocklisted process makes network request

Target: disagree_64.dat
Size: 103KB
MD5: 6837a588065ef9365f0aea36f5d55d87
SHA1: c2cfda21f94897fbde9860f2aa52226666861afe
SHA256: b633239177bf929bcd2a9f043afa4e372d310d100eed7512733091f2e8a39371
SHA512: 83d70ae29404145e73fde3df503204c47601545189df2e6c9887d6eaa2081d59c54b96784772f036807883e3300d95fb3ff7f0045fbc37e079142f153d80a9fa
Score: 10/10