General
Target: dll.zip
Size: 338KB
Sample: 220613-wpx6jshhbk
MD5: 5ce48df8303fb33c3ffb20235dd2190a
SHA1: 050032d9eebd667cda0e1c0e162ec787413af389
SHA256: 062a2826e49c63e3867395cfdc5ad0c43492df942abf22fed8351300edf850f6
SHA512: e127fa2b40eab45117bc502ba787d2bdda101242587324a086892d3060a5fde57f1d8339178ace5a23ced05550a76b6952c20df429ae1876a41d7779e2d59fe6
Static task: static1
Behavioral task: behavioral1
  Sample: dll/98hd0.dll
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: dll/98hd0.dll
  Resource: win10v2004-20220414-en
Behavioral task: behavioral3
  Sample: dll/documents.lnk
  Resource: win7-20220414-en
Malware Config
Extracted
icedid
3139257902
blandafearz.com
Targets
Target: dll/98hd0.dll
Size: 600KB
MD5: 85edfe31f8f79da3317dd51c811a422f
SHA1: 945a3ee6ebcd064a1fd1ea0cacab8b0239aa7a44
SHA256: c06754517a87d95fd87ceb75238fab6d25575cc50cf9e34e80b7a2d7b2deeabe
SHA512: 1cb4555987ca891520be1c843b4eb1c83143c73c43d69b14454a415c0302e80d6ac3f02a684df793486e09dc80d7dad7897e633040a3df259e7e538ef8606c85
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request
Target: dll/documents.lnk
Size: 2KB
MD5: 2662217d7160a053f67d1b6c0af659f3
SHA1: 8e04b41458cde3ef8df0d39887c99ff7f5a24b1e
SHA256: bafe7b6cf176c6c22135f179ae9a9b45aa3472b0615f8958e63f20ad0a92089d
SHA512: fdb6293b734ce17addfbebcbc4df7ad079ce972735d074f849c52b1b52506484aaeed1ee2d6d54ebdc94fe3db8029d0ca3b5d2e87068576d0731c649a58e7953
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.