General
Target: etest.hta
Size: 99KB
Sample: 220623-tj5bkagff3
MD5: 84df3cea303f0410a2a70580b9155bf5
SHA1: 987eed81fa0822853cb9f826994e75102e086694
SHA256: 248b6a65b656872525904122e75bd374b772e27c2a8fc6040ec6582fd207e536
SHA512: 610b39ec2989225794d0b12ef451bddc4bc4f3f77cd2159d9396ca425524256f17ea12b17957070a94704b5aa1a0b5fe5f915dd9d3c610aecc767315e1977616
Static task: static1
Behavioral task: behavioral1
Sample: etest.hta
Resource: win7-20220414-en
Malware Config
Extracted
icedid
3289900935
ilzenhwery.com
Targets
Target: etest.hta
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request
Downloads MZ/PE file
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Loads dropped DLL