Overview

Analysis tasks (sample, platform, score):
Static analysis: score 10
Unpaid_order-.lnk, windows7-x64: score 3
Unpaid_order-.lnk, windows10-2004-x64: score 3
by/could.dll, windows7-x64: score 10
by/could.dll, windows10-2004-x64: score 10
by/get.txt, windows7-x64: score 1
by/get.txt, windows10-2004-x64: score 1
by/worker.cmd, windows7-x64: score 1
by/worker.cmd, windows10-2004-x64: score 1
by/worker.js, windows7-x64: score 1
by/worker.js, windows10-2004-x64: score 1
by/would.txt, windows7-x64: score 1
by/would.txt, windows10-2004-x64: score 1

General
Target: invoiceThemedZips_20220719.zip
Size: 128KB
Sample: 220719-wbxmvsgegj
MD5: c76da9e80c55473b7d8ab5154e1da511
SHA1: 60afbe8add6dedb197b0e94a3aa2c2d1eebc1163
SHA256: bb06c4d1a5161b7c0b34d879b60e20043dcf0f27f7a67585f50837c3b6c4daeb
SHA512: 6514cd5d3d608cc4c75994c27880cd529301c8314d098d4d5236332bd6ecd3d607419c55f18a6ea2d085161b359b3d09c10322ce45300386582e2621e1998230
Static task: static1

Behavioral tasks (task, sample, resource):
behavioral1: Unpaid_order-.lnk on win7-20220715-en
behavioral2: Unpaid_order-.lnk on win10v2004-20220414-en
behavioral3: by/could.dll on win7-20220715-en
behavioral4: by/could.dll on win10v2004-20220718-en
behavioral5: by/get.txt on win7-20220718-en
behavioral6: by/get.txt on win10v2004-20220715-en
behavioral7: by/worker.cmd on win7-20220718-en
behavioral8: by/worker.cmd on win10v2004-20220414-en
behavioral9: by/worker.js on win7-20220715-en
behavioral10: by/worker.js on win10v2004-20220414-en
behavioral11: by/would.txt on win7-20220715-en
behavioral12: by/would.txt on win10v2004-20220718-en
Malware Config

Extracted
Family: icedid
Campaign: 2745070743
C2: cootembrast.com
Targets

Target: Unpaid_order-.lnk
Size: 1KB
MD5: 870e1e809fda72a052e80e5db50869c2
SHA1: 31757fafa34604d877cf5964946b601cc2080178
SHA256: 814a6fd152912d3954d4acaab76fd982338f3c1a84ff5651de718cc82b402421
SHA512: c06d3235b884edef137b694c88427842e88f2612002ce7ef06d661b658e6e231ea0d6e85d2a0eb43ef999feb3eaf0b5d735af2b217213bf95fb637ff1b6ce548
Score: 3/10

Target: by/could.dat
Size: 102KB
MD5: ad0436f20e1ecd7fdf9b4d147d8db2da
SHA1: 3cf1ddd0da127677149ffb5bfef19193e1f91b3f
SHA256: b6d3b7cb6f70a03a54ad1b96149d5e2bea7606392e4f951c3e9b9490065c611f
SHA512: 0c3a093282be98c579d9534ad47853ccf490ea715dade11aaef288c90a52aae84e1d25b7b61f39c925e311c6a03e7a5845f446f4ecf26f54890ba53a4321a50e
Score: 10/10
Signatures: Blocklisted process makes network request

Target: by/get.txt
Size: 142KB
MD5: 801c4a4d4c2ace9a20fb7e9cbb04bd51
SHA1: f6c1c3989be85af1fc177c9ba16d6f1d6888c2c9
SHA256: ea914ff766135cdbd18c7cf850d2c5f2b309954f335d063d2c2b4947debedb87
SHA512: bc0425b26e7b68e23b4ac8ba630c3ace1997dfcb31a9c207844461b18eafb389b2b2494ff9161372c5df3bceb3c1a2246ab08cae1a27902389e167d877ad48eb
Score: 1/10

Target: by/worker.cmd
Size: 35B
MD5: a855acbe9d85a079c486f81d830f959f
SHA1: 54b3b73b737ab2288ae3e0d0c18a709776a1e4fa
SHA256: 3df84d584e0f2985b385af94990b1929ac1d78add2917879bd80067ce81367c0
SHA512: 8c09dd5667c2c18e26f0fce146bed2d93905f3c7558eb3304068e31b5ccab60471463d6d6f7cb473e4f3cbcf28e096cc4291e57ab630fcfdd1f7c01b19dfbcac
Score: 1/10

Target: by/worker.js
Size: 595B
MD5: d88d6e139225ad1827ad0a90cfcde6ad
SHA1: 3639a15444a6a9eb8a1296bb216cf908c96c7648
SHA256: 0563835d2f039018858b9a89c96bff1bec8450aa75e7b99c6b6b5f471f2b97d4
SHA512: 83df96b3f7cbcae480f2e7667c7a25ab609d38f991192ca37eb9458115e379578740b02d4d26839ef03bc1d9812d0bbc3e1ecef46979873428c5377abba07e0d
Score: 1/10

Target: by/would.txt
Size: 209KB
MD5: 46547298ca647ba5b9de65294d5fb4bd
SHA1: 0a6179ecee425998fe620c17c639792209598f42
SHA256: 2cafb04a89534a075c789c8fa150b87ac168ca3efd75f1099ab5d3e8bb01ba68
SHA512: 6d7c809bb26263a2dd2171d591ebce010c3f086d4fc2b264fede77a73d244c054601508787554899d85ae581d94e584e5ccba1953780d669f1cef310b4694104
Score: 1/10