Behavioral task: behavioral1
Sample: 1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b.exe
Resource: win7-20220414-en
General
Target: 1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b.zip
Size: 11KB
MD5: 3752b93e17ee18f12e1ec39e16ba18f4
SHA1: 774aa5f9bd59d69d44a919b760415cf00525d3ef
SHA256: be11cfcc3eb2073ebfcde431616fd6ee25060fa49cb99536a56cc113faba4137
SHA512: b6be1981456f842e4ad4f78f0c0d02e734825a2698c206ce3d0f8cf6cad044ddc152386fef196f90e0bae6c069d3b800b9bac59e6452002e16150b48ed7aba08
SSDEEP: 192:94wJL30JjL/27RzlgtPvGViJcdDGfp6FX3QHIy8CWje7j89xB+eNwH0gIoPtWBGv:mwJLEZjwYt2ViJcd6fkp2IY+46MlWBvu
Malware Config
Extracted
icedid
468039940
arelyevennot.top
Signatures
Files
1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b.zip.zip
Password: infected
1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b.exe windows x64
6f47fcee2ed0c51eb460709bb51d1057
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
msvcrt
memset
winhttp
WinHttpQueryOption
kernel32
GetComputerNameExA
LoadLibraryA
GetProcAddress
HeapAlloc
HeapReAlloc
HeapFree
Sections
.c Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.r Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.d Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE