General
Target
iso.zip
Size
79KB
Sample
220720-kabhfseahm
MD5
481b88191f388c5490525aa97117425e
SHA1
dcbeb000a62e8e52f54c6c8f229897c558710799
SHA256
a8faaeab28b3a80dd9a2aedda26a6b2c41a9c582de2fd091f34b3bb371bdd4b0
SHA512
b196a87a795fc9b302c0efc2ad9bc5703cf2488b57539b74c7ef654b5bf80ecdc0c5a430238b26fd9c977d1084e0377a6feaebe2118730869415f630a880fce2
Static task
static1
Behavioral task
behavioral1
Sample
iso/am1lo4.dll
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
iso/am1lo4.dll
Resource
win10v2004-20220718-en
Behavioral task
behavioral3
Sample
iso/documents.lnk
Resource
win7-20220718-en
Behavioral task
behavioral4
Sample
iso/documents.lnk
Resource
win10v2004-20220718-en
Malware Config
Extracted
icedid
1094353980
aftersunicox.com
Targets
Target
iso/am1lo4.dll
Size
147KB
MD5
e41d5bf7f1bfd5d67bcf6f2107c35272
SHA1
1b2e54ea1a221e1bb2ccc85091d27725c1d0444e
SHA256
71591ddc02eadac622c577be5d5e8c714904d7a96c7eb4e2609c4ff76ee10f86
SHA512
a84f24df490325b222dc3ac0f5b7d2df9458f5f67e458e25abf083e6c5e337396a18dcb23ef03d6508189a8fd8d258879ed890f03cc21ed6d52efdc002641468
Score
10/10
Blocklisted process makes network request
Target
iso/documents.lnk
Size
1KB
MD5
8b6854e62af721babbb0a3770fe4e4f8
SHA1
0358318460abb60d09bef967408870b805cac041
SHA256
f6be0f739a1130aa6f0155b890038a8857da52e79471bf337384662470bd6d9e
SHA512
338c786fba164c8a626b66ccde4e04b3ee06c7abaef0ad34b3034a4e71852619ddd37aa5ba96f6ef20ddf3133b787c750fde0d3db0e6ac604de2fe354b4921ba
Score
10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.