General
Target: file-130722.1464.iso
Size: 3.0MB
Sample: 220718-hpsn6sbcgm
MD5: 61554f3c081cc8a598a47ec2bda60ffc
SHA1: b945c5d27296e210f430aa72a71829e5dbdb7bbf
SHA256: b85a883b3b21e4f7dfe3311a3be4686f881fc2dddd177f5703123fa13ea01cff
SHA512: 7792467eac58fe9ac763f3ea38266bed7d36c253c5ddcefcfa93d42e5915d3d633fd094e805283306c22c57633654f2390d6cc21e55272906e0e35b771ff5bec
Static task: static1
Behavioral task: behavioral1
Sample: VNXdz2Gs.dll
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: VNXdz2Gs.dll
Resource: win10v2004-20220715-en
Behavioral task: behavioral3
Sample: file-130722.1464.png.lnk
Resource: win7-20220715-en
Behavioral task: behavioral4
Sample: file-130722.1464.png.lnk
Resource: win10v2004-20220414-en
Malware Config
Extracted
icedid
294489237
alldogsedag.com
Targets
Target: VNXdz2Gs.dll
Size: 56KB
MD5: dd5afccc2179838bf0a0b4900de45ec4
SHA1: 8f8e2f1c289a896dfccebb0eaa6b46de190682aa
SHA256: f09f832b797e71224bc05637a12527b9fc9c04147a70a6778f8aff2538a1b2b4
SHA512: 9706ddd49f4ea568c8002c0a2a63f9529945abaacca7add454ddbe15af238f32a8479fb280b8fa28be844fe97539bc2dc511ad1086ba94c1cf95302034172d23
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request
Target: file-130722.1464.png.lnk
Size: 1KB
MD5: 2312f38d6a5a49a2b24f70fe6bbd983d
SHA1: e7f642a3972583d81ed9e64a01895fa4d64f8b53
SHA256: 30e7b2bf2df763da04179d02298876f72b67ef8a000cea237787a86500ff9fca
SHA512: 520e856dfee2a80dacf52616a887fa5ffe68b3d905d2fb1900739fdf4d7a8599aa5614b108cea5edd3060a324a3cb6f1877e54d5493a6b0d4ff6bb769ed95155
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.