Overview
overview: score 10
Static
static
fac078655a...53.iso (windows7-x64): score 3
fac078655a...53.iso (windows10-2004-x64): score 3
Unpaid_order-.lnk (windows7-x64): score 3
Unpaid_order-.lnk (windows10-2004-x64): score 3
would/with.dll (windows7-x64): score 10
would/with.dll (windows10-2004-x64): score 10
would/worker.cmd (windows7-x64): score 1
would/worker.cmd (windows10-2004-x64): score 1
would/worker.js (windows7-x64): score 1
would/worker.js (windows10-2004-x64): score 1
General
-
Target
7737096156.zip
-
Size
128KB
-
Sample
220719-yvpgpsbgdk
-
MD5
468ebf273dd7018672027ca30b2910b1
-
SHA1
991601b055a6886f820487de0d3aa2492cccb98c
-
SHA256
7ef4bf3d02183fe1ccf354e6609d0a30f26fcec0004f04bd49f9e883bb19f7b4
-
SHA512
6f7e9ff31c15502b4369e657ab462f6b1dd54230813ef9f65299d81955ae2a95e2905ac2b8ddfd519f820ebd3744100261c14a886bda2e1053163f94d2590313
Static task
static1
Behavioral task
behavioral1
Sample
fac078655a3f20ac3d4f4119c0b6b1ad25b3fa4de49c7b30dac9f1fac7a47853.iso
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
fac078655a3f20ac3d4f4119c0b6b1ad25b3fa4de49c7b30dac9f1fac7a47853.iso
Resource
win10v2004-20220718-en
Behavioral task
behavioral3
Sample
Unpaid_order-.lnk
Resource
win7-20220718-en
Behavioral task
behavioral4
Sample
Unpaid_order-.lnk
Resource
win10v2004-20220718-en
Behavioral task
behavioral5
Sample
would/with.dll
Resource
win7-20220715-en
Behavioral task
behavioral6
Sample
would/with.dll
Resource
win10v2004-20220718-en
Behavioral task
behavioral7
Sample
would/worker.cmd
Resource
win7-20220718-en
Behavioral task
behavioral8
Sample
would/worker.cmd
Resource
win10v2004-20220414-en
Behavioral task
behavioral9
Sample
would/worker.js
Resource
win7-20220718-en
Behavioral task
behavioral10
Sample
would/worker.js
Resource
win10v2004-20220718-en
Malware Config
Extracted
icedid
2745070743
cootembrast.com
Targets
-
Target
fac078655a3f20ac3d4f4119c0b6b1ad25b3fa4de49c7b30dac9f1fac7a47853
-
Size
252KB
-
MD5
27f2598140a3c631e7a0ef5856fc9d3d
-
SHA1
2b01f21a1e6d16b74db339c4e4fed4bf17ee6efc
-
SHA256
fac078655a3f20ac3d4f4119c0b6b1ad25b3fa4de49c7b30dac9f1fac7a47853
-
SHA512
68ba0478178ca93695131a420d3e9d7fff16f27ebcfe8854a05fb8088ea9116664e40158f3f1adde9d04532ca349d68ed16d5051cefd750ea9e7abeb7c54f3d3
Score 3/10
-
Target
Unpaid_order-.lnk
-
Size
1KB
-
MD5
57083b6f777f5fc405998dfba18c96b2
-
SHA1
887f9327f85c467bed14509392347b1d252a4e76
-
SHA256
6cf647ad3e7c980e024ae6fa58cf2081977124c7f3933b18954a70f8e59a7331
-
SHA512
9a987f3a2ee5bb88c180a6a2fe55d57b0a5c0ca4dcc3df144fef5d7bed376f4e4f0afde52a3448cae2b476a2ebf2ceab249bc7338080770c65aae60202392bc0
Score 3/10
-
Target
would/with.dat
-
Size
102KB
-
MD5
6ed95de1bbb49e1a1629b5bf0946685d
-
SHA1
0649d21ad8b3dbd87f46657321e586fb7076785f
-
SHA256
eafe0b7e096d944aa5b53ca9c134915e3d557d4963e252415c181f39f2057279
-
SHA512
5d2ae631d6c47069a91395c42a6da2172d2ac79c5d6c70320818c3682084a6c9884c5b3092b80b1caf5a9bccf9c22a53d4281733bd76b0dd93c0871d788898d9
Score 10/10
Blocklisted process makes network request
-
Target
would/worker.cmd
-
Size
38B
-
MD5
4dfc194be090d7f0374d83d6fe7132ce
-
SHA1
8e9fe8acc3925344cdd574af749959ed45b549d8
-
SHA256
47027d0855077414e00142d7041140db86bf67dc49b38564dde7b16af1ffca76
-
SHA512
1d60940fccfbd0f649c078d0a2094bc8be7eb592f118fc0591d07f57bfc959ef08a51607bb1ca1f16fe16b52e639e9b043cf74d72d0b390cc27bb5ed862682f8
Score 1/10
-
Target
would/worker.js
-
Size
597B
-
MD5
0f7953fa835ed01c52e43fc5adcdc82f
-
SHA1
9aa18d66d3e28260065899b0771a4612d00be192
-
SHA256
8167ea65b66c76dc7093793d1f018ac8743c0ce697c6f914110aa3ac138f62a0
-
SHA512
808235dba8c4dd42057d067ade149d003cda406bc5fa46768d3bdc04537235a0175df1bd2357bf85f1af750a82329f050edc6ea68fadaee6c10f3edd8d60414a
Score 1/10