General
-
Target
Fromware.dll.4.dr.zip
-
Size
580KB
-
Sample
220420-zevt8acea6
-
MD5
de648cbf156ae5adf5a5005548b7319b
-
SHA1
ded66b61dae24d47da51b068f11f1f98a045f3b7
-
SHA256
435aedd53caa65976f6ca7084a477895c67733218b955bfd8dad04da66ba7f6e
-
SHA512
31cb3ee1bd869906e7ec1eb9b61a15f8b46df44af6d1e50a27c6100e29d067774e5d18e0ca39f3241b046097871556406cc088b869235de23255b1d4fbb04409
Static task
static1
Behavioral task
behavioral1
Sample
Fromware.dll.4.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Fromware.dll.4.dll
Resource
win10-20220414-en
Behavioral task
behavioral3
Sample
Fromware.dll.4.dll
Resource
win10v2004-20220414-en
Malware Config
Extracted
icedid
2544198788
yellwells.com
Targets
-
-
Target
Fromware.dll.4.dr
-
Size
1.8MB
-
MD5
989a47b62f1014d6d937119326ca67a1
-
SHA1
416fcfb222e5224c487bda6eb011fa6f42d96186
-
SHA256
2948d545b8901e331c14faa2def87766e8241360e0595fa8a273c9d0028a3692
-
SHA512
6960e4f345fa4c37632438bd20ae98a281511e34e4febf1af7637b7061c1ba864a0c77bce878860a8a079665197237d608899cc81fadabf62dd1450c66ef00be
Score
10/10
-
Blocklisted process makes network request
-
Loads dropped DLL
-