General
-
Target
file
-
Size
418KB
-
Sample
220222-tntevsbhhn
-
MD5
690d86ead01c121e589a722dde2b2f4a
-
SHA1
1b83bf4e3fc5824f7f5155297c3639a391cb2fea
-
SHA256
5796a437dd7d59ec8f6321b5b309b590fbe32790de872c4cbf5990eceb4815e4
-
SHA512
ccbd29e9839cab868916ef1b473739da7c04c48f4a86e9be480b46130b152674357f4de639b5604bb317ead409dcf1beeb6dec3adc739da74fa4a806e7800e8a
Static task
static1
Behavioral task
behavioral1
Sample
coin_.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
coin_.dll
Resource
win10v2004-en-20220113
Behavioral task
behavioral3
Sample
core.bat
Resource
win7-en-20211208
Behavioral task
behavioral4
Sample
core.bat
Resource
win10v2004-en-20220112
Malware Config
Extracted
icedid
4221486031
xijsry.com
zanokiryq.com
gladmitter.com
-
auth_var
3
-
url_path
/news/
Extracted
icedid
Targets
-
-
Target
coin_.tmp
-
Size
168KB
-
MD5
86ca4e1a615a597f75680a65ed980c29
-
SHA1
c7ac192295f1d32f550558f1e92373e23949f721
-
SHA256
477bce9457c040cd69f4853b20e1b3de3957f15ca39d2a2d95bb8e1153d0d0bd
-
SHA512
2ad88296cfbdb5af9865a575f1460178b449c96f46434d276c93d450087dba0f4fc3defe6659f1115fd77413f445486c4069c3ded8809f73dd3614608f3b75f2
Score 10/10
-
-
Target
core.bat
-
Size
178B
-
MD5
cbc2ea3eb64c0f67285c81aa8ea96706
-
SHA1
cbd6dc70e9c737e7f8942a37245294d7e71a4939
-
SHA256
1de3497f0ffceb8538797bdfbcae232ce67086dfadd576de614e229c4e7304d6
-
SHA512
75d795ec30dce1dc9345d002b25783645b551dbbf41ac3b72d0940a4671915108ae4ebc90e937c85c49bb9873b9f32784f8d4f93f2f7e55e0d76e401b314b90f
Score 10/10
Blocklisted process makes network request
-