General
-
Target
file
-
Size
415KB
-
Sample
220222-tnvmxsahd5
-
MD5
50446566008e4a67b6269552a32a4f1e
-
SHA1
daa3fea7d0b15011e8292ea2876e1d7e305f8115
-
SHA256
bb1d00c11b7972de37cfecbb71b8d5055ccd6d812f730560b72604c6b6493b0a
-
SHA512
f680642ceb9c56507c1a5e544be4817751904824cbc1d79a7b6f02638ddbcd6624a38eecb02868a792a2a32895459c1f1c2df52dff9b57d47b0e9ab34f26dfe8
Static task
static1
Behavioral task
behavioral1
Sample
core.bat
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
core.bat
Resource
win10v2004-en-20220112
Behavioral task
behavioral3
Sample
hundred-x64.dll
Resource
win7-en-20211208
Behavioral task
behavioral4
Sample
hundred-x64.dll
Resource
win10v2004-en-20220112
Malware Config
Extracted
icedid
Extracted
icedid
4221486031
xijsry.com
zanokiryq.com
gladmitter.com
-
auth_var
2
-
url_path
/news/
Targets
-
-
Target
core.bat
-
Size
190B
-
MD5
d07bd20c9332a664281324d4d5f24192
-
SHA1
6ddd6d5963dae32b01e7da32f2584063abe7e081
-
SHA256
0fe8f22ad821a9c728388607edfc1ae4248d1d3899bdc76660e76adcbdca6f79
-
SHA512
aa018d93c8b5cbe4c1726903f6a93f5eed7c2f92dc744ef5435fbc2a423c4c61ca2e2526a835f9fd17cfdff8ac17a97b895df1203857a13bd0bbdb2653f72958
Score 10/10
-
Blocklisted process makes network request
-
-
-
Target
hundred-x64.tmp
-
Size
155KB
-
MD5
2b5854b1aad15a543efdbf3dc956bc4c
-
SHA1
a197d83131619dc4aac605dd2795d4c6beb2cab7
-
SHA256
a386a65396aaaea3b07159f8e5510be29368bb733219848c3ea1c8c8205e839e
-
SHA512
fb9c4c1dac6e01cccb4b54066382ec53a9c1171c9ed5b348abeacea6b583facc199ae52a24bf4a8345b4745524891f8f1e567524525a22df18d2933825d76430
Score 10/10
-