General
Target: mar7nal.zip
Size: 479KB
Sample: 220621-t1xytaabe3
MD5: c290338e42cad6eb1da8d4ddbe44501b
SHA1: f088075f5403474508255341caa95cbb2b2bccdb
SHA256: 53ea4ad90879831faf97cf30b5156bfdd48ccdb00184177a8e4a19f6114b365d
SHA512: d8b0a1e467844746ceaba0727d31ab62d38d6829972e69694612a7d90c4252677eeff8a556b59a617e56046d73a75b9df7425e4be438d770f248e40a4e3f61d2
Static task: static1
Behavioral task: behavioral1
  Sample: mar7nal/documents.lnk
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: mar7nal/documents.lnk
  Resource: win10v2004-20220414-en
Behavioral task: behavioral3
  Sample: mar7nal/mar7nal.dll
  Resource: win7-20220414-en
Behavioral task: behavioral4
  Sample: mar7nal/mar7nal.dll
  Resource: win10v2004-20220414-en
Malware Config
Extracted: icedid
  3416991016
  bredofenction.com
Targets

Target: mar7nal/documents.lnk
Size: 2KB
MD5: c47da7e1fb88cc6dbfaba6c3d2fd2ad2
SHA1: 026b447f94dca2a3959311bb2459f874e780d6a3
SHA256: db435a3dd2d860a1dcafad8712f0a233ad0ae9cb7f9277d20aed04b39e27a829
SHA512: 695abaaf67b305fdebfc68d892af5e9456334c3926f322d9de5e39ed3294e5498e9a764615f704fa96253862ddef4e415c230fc29fa0e073d9b8c16c6264aa28

Signatures:
  suricata: ET MALWARE Win32/IcedID Request Cookie
  Blocklisted process makes network request
  Checks computer location settings
    Looks up the country code configured in the registry, likely a geofence check.
Target: mar7nal/mar7nal.dll
Size: 858KB
MD5: 0d4dfb3652a97d182d2ff17b4c76f94d
SHA1: 64c1e93b105583172b3b52b971adb07fcf532a2e
SHA256: 9ffca977f775e1c763ecb46f3886db85c530ca8b98ddc5739cf1da1157ef7843
SHA512: 1c2e4d2d1c6b035bafdb14d3bfbea5dafa5fe2b113e7b1493afe522ba0db9dc961a17d5b0f363be0652118aaa21d1f017b6789e47125bb83f08ddde9812e7f2a
Score: 1/10