General
-
Target
file
-
Size
365KB
-
Sample
220222-tpgsfsahe9
-
MD5
8150d8231ad7d9ae4eb24f4e98b9e4a5
-
SHA1
6e0077ac865cfa5e41b2375b934d3ae5a6a6a6e3
-
SHA256
35cf99defbc5978a4eb7e217347e1393b25243bd526d9e9b853e0709ed972188
-
SHA512
9d64ace17c56f0a968636f0335bcc34e972cf9ef918341dc24c5ef472c2b4e40ecccea6a90fdad78a065cbb816a1bcbc68ba70330e0f3a8aad193f51cff028ad
Static task
static1
Behavioral task
behavioral1
Sample
core.bat
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
core.bat
Resource
win10v2004-en-20220112
Behavioral task
behavioral3
Sample
future_64.dll
Resource
win7-en-20211208
Behavioral task
behavioral4
Sample
future_64.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
icedid
Extracted
icedid
1892568649
baeswea.com
bersaww.com
biglaneat.com
northspaceline.co
-
auth_var
11
-
url_path
/news/
Targets
-
-
Target
core.bat
-
Size
186B
-
MD5
156f24e8e6407e9fa4d30e3f46763332
-
SHA1
17aa3a4b1cc8b9f3acf3568a474fff6a8058c76c
-
SHA256
25988a356548ea8dc87518cc26bf0a3603f415bd46f3f5e9a62cfccae94c3a54
-
SHA512
33449c32a50126afe21d61ce8d21a701a1afaed8eae8306d8db72c5930677e04a01f361fb38b013bbbecb2e0c5fd7fd49a7ae478192ef83ec45e91e42961b0e5
Score 10/10
Blocklisted process makes network request
-
-
-
Target
future_64.dat
-
Size
113KB
-
MD5
e7317be4cdc343ccb724bede45bfee1b
-
SHA1
1cc27c2b4321c8c92f8be36dcdcbfec6d46e6ea2
-
SHA256
32a660a70c9e0893d820dc8d9bc89b4e419d45e7874127de58443aa22a423631
-
SHA512
ea486b98a75e4b6e565a80333612a02e822d916d0c1be03559253299c4e162215da4e17f2fb84ff5f124bf9e1a469da828e2465b69553c66c0b7f2c358faca2f
Score 10/10