General
  Target: notification_7445063.iso
  Size: 52KB
  Sample: 220711-vwzghsbbdr
  MD5: b567aa8e6dec6432c40b9c1f2d312091
  SHA1: 117fcab286bbcc2061a5f9951975efb5556f92f7
  SHA256: c692971a6d01abb4d1c51b25e18b03818c68b891764fbe1eb8113f8a473d1002
  SHA512: 0244eaf15f30d5c5d82e66a23987ffa325444a77039c613f5a3ab34fc630ac4058364f0e719211de9476de7caca0ee149aae57e85049e5173e209988a5db68aa

Static task: static1

Behavioral task: behavioral1
  Sample: DATA/TEST1.ps1
  Resource: win7-20220414-en

Behavioral task: behavioral2
  Sample: DATA/TEST1.ps1
  Resource: win10v2004-20220414-en

Behavioral task: behavioral3
  Sample: NOTIFI~1.lnk
  Resource: win7-20220414-en

Malware Config
  Extracted: icedid
  177045904
  blionarywesta.com

Targets

Target: DATA/TEST1.PS1
  Size: 254B
  MD5: 1b5488df8337c5ca90ecd5eca89d8cb1
  SHA1: 95b3633602915d5dd574ee2bdc586341dcca192c
  SHA256: f7ff8630fe5289c50dc83d9b5f528ec980163157447e3449e5a538f1068bd156
  SHA512: 78c1ec7b03dabb76c039e1fcaf496597ce812dabcab2a7a9c4799e27676f63098d88ca1d8eb7a4ce660dbd8b70fda70319a08e9ba74502bb1ef6616d6f1236f3
  Signatures:
    suricata: ET MALWARE Win32/IcedID Request Cookie
    suricata: ET MALWARE Win32/IcedID Request Cookie
    Blocklisted process makes network request
    Downloads MZ/PE file
    Loads dropped DLL

Target: NOTIFI~1.LNK
  Size: 1KB
  MD5: 00f5104d4918972ad7c605428137f680
  SHA1: a0a334485a670b459c5d752199dc186e46a36196
  SHA256: 0f67ae6cfb884d170af88a69de9083231f713f468fee762002148f010fdf7f72
  SHA512: ee20634ffc8b9256c0afba74bc975bba99a93fd0404fa578301e1bc838304aebf94afacc9f64b2dea587cdbb7aa043b995f8de8263f28d9fec7b96a15df4dccf
  Signatures:
    suricata: ET MALWARE Win32/IcedID Request Cookie
    suricata: ET MALWARE Win32/IcedID Request Cookie
    Blocklisted process makes network request
    Downloads MZ/PE file
    Checks computer location settings
      Looks up country code configured in the registry, likely geofence.
    Loads dropped DLL