General
Target: ahol3m.zip
Size: 337KB
Sample: 220613-vxlbaahfaq
MD5: bf677988f4812469cb410c481e266a58
SHA1: 25a5db24334de381d1041b90732c4ad7e5bcb848
SHA256: 5280ca3c56953d1abbfe59ad6afeb59a3f95526a31aff5b5e4e2a006291261ac
SHA512: 9d98830f583d7b62556ce7bdded74a258667f02879d70a93306477c5dc200da8817c2c74250ab695d09118ab22c3a9a1f94de7275d53cd3a07ae34098d8985b4
Static task: static1
Behavioral task: behavioral1
  Sample: ahol3m/ahol3m.dll
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: ahol3m/ahol3m.dll
  Resource: win10v2004-20220414-en
Behavioral task: behavioral3
  Sample: ahol3m/documents.lnk
  Resource: win7-20220414-en
Malware Config
Extracted: icedid
  1328647508
  didojanza.com
Targets
Target: ahol3m/ahol3m.dll
Size: 600KB
MD5: dea6dbfbfe8dc212d0243a0572fea20e
SHA1: cfeaacc43cbafd7ff1aaa97e557cf4bdce67eba0
SHA256: 433172d2bd5264e40b018ea6627bd3d8b3d37115ca4012899eacd7a066c282a2
SHA512: 3d0fdbb8b3b999a5a19a2414be8f3a949f395fb29593722b5e8b66141b16347ffa15e4ba4ca6e54536470841d789846cdea63dcfe25e6b5230286ab80645e706
Score: 1/10
Target: ahol3m/documents.lnk
Size: 2KB
MD5: 248322abe291aa979c34ee5f9bd76e70
SHA1: fdfa1670324e951e44736b75b4c12d7aac1a4338
SHA256: 518a3f0b6e5709fcf44b04208167a51f77e4c82283f71b800a6faf297431f36c
SHA512: a37819e37d2b93c2043c21339a81ddd7dcc43f933cad369313efe45fee9e51f51e30556455d1e720071f60596d298c594b789e4a1b4fdc104cc903df2c684805
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.