General
Target: file
Size: 343KB
Sample: 220222-tnddmsahb8
MD5: 110ec3c48f1d9f8341e0e506c9e6d183
SHA1: 0a2c1805e6429c9c103e787596459e5ebeec7dc1
SHA256: b635b49555c431f9c58a52d54007b140dc969245f5a821395c5d0b77e1ba3e7d
SHA512: a44f285e6d5ab4c07061455b35ec48ea24339006d07beac333afd42304cdc594d3b35546ea8640c7bdf3b40fa3b93a9452fcc15ad2690427119c021e11ab7d5b
Static task: static1

Behavioral task: behavioral1
Sample: core.bat
Resource: win7-en-20211208

Behavioral task: behavioral2
Sample: core.bat
Resource: win10v2004-en-20220112

Behavioral task: behavioral3
Sample: scorpionx64.dll
Resource: win7-en-20211208

Behavioral task: behavioral4
Sample: scorpionx64.dll
Resource: win10v2004-en-20220112
Malware Config
Extracted
icedid
Extracted
icedid
3415411565
antnosience.com
seaskysafe.com
auth_var: 1
url_path: /news/
Targets
Target: core.bat
Size: 190B
MD5: 5643357071a13383cebbfba6badd3f5c
SHA1: 73489b25328d8ccf3e6a3d4e9875053f42aec325
SHA256: d0f5468b19c1f1a8fc73ce4ff44543bb6806c6e4061420c91913d8de89eca022
SHA512: 89d780d4f900f49e9b3987924f9e3439b2f500af41a085f612a64e78b7452b89c9b110c563e514b9c484730a509b84e4ea568d58193f325f66a500c6db969f61
- Blocklisted process makes network request
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
Target: scorpionx64.tmp
Size: 26KB
MD5: 8f622f91a72606fb416bd018ebab2a89
SHA1: 11570558833ec1e2243fb12d669758e25c85a873
SHA256: 7069a8c1c21038a55d8b7c550696198d128cc30965830bada326fc0453fa0580
SHA512: 1814c989cf707eb0edcd97971ed3f981a2468ee1f8f0b740922dd1ba0a8a8f7fb6cf9d4c93404013207f2ba593377668234f4f8faa4b855feece4360dda7ec0a
Score: 10/10