General
Target
Desktop.zip
Size
42KB
Sample
220719-va138afdg5
MD5
ecfb58e806369c9b3ab45efc2494dfbc
SHA1
12971f7e9e531b9c84cde2a2222b88b24dc07bcf
SHA256
155905af58052a02721d8b0947798790a03e6256d4c8ad1ba7344f5d62126b3e
SHA512
6509fb44335781a6ff7ae7f9d6a1e8545d8d6c234e8ff83c6a163ed195e0605a7b760c03c694c46fc0f2d6f087dc186c6c03f0e8778e38efec3cfefcf8f47118
Static task
static1
Behavioral task
behavioral1
Sample
documents.lnk
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
documents.lnk
Resource
win10v2004-20220414-en
Behavioral task
behavioral3
Sample
pg5rto.dll
Resource
win7-20220715-en
Behavioral task
behavioral4
Sample
pg5rto.dll
Resource
win10v2004-20220414-en
Malware Config
Extracted
icedid
2937671378
cootembrast.com
Targets
Target
documents.lnk
Size
1KB
MD5
af95728369b85b93607b3e964645a966
SHA1
c4bcd5529abe4b9ca1a256ba2268951686121aa0
SHA256
ba7c6a42b7a89b3ea12cd03c85d8e5d1d560101e688734cdec156155c4810f8e
SHA512
a955fe893872920cdaa0f7c498b87f142c9fd76aecaa5395248f5a209a9ba4a5d0fb9c901a5a3f1378505178fb848bef08da1ec6cff23f11638eb24c979a0615
Score
10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Target
pg5rto.dll
Size
96KB
MD5
0fdcea20cb8eadebf91415a52c718ae2
SHA1
372cb211573d60b5cce3a957898ffa8b16e0f7a9
SHA256
ad788ccefcaf826b54ea29499569f8ba092af7cd40fc7768d0b96d73ced95475
SHA512
1a15f81d0e0ac5497a5903bf71f724bdddfb1443671d0cc892f836f5afdfed530453377a90ac1c5c0293cc40ed098e982bc4eaea1d1781427708e4cdf61b1b44
Score
10/10
Blocklisted process makes network request