General
Target: Desktop.zip
Size: 59KB
Sample: 220720-q85rvaffh9
MD5: 383de9987abe67ded552f924bc69b1c9
SHA1: a8caf87ccb1156f168bc65965387beabde8408c6
SHA256: 04692716664c373f49de80fda84c1cfd32730b689a0040a91ad417765d8e25fe
SHA512: e843f745ed97a93c14d224483ee9bc93e180deb6e53240e552017785625afb2108ef156d15e98cb702040fc302ccb99386a4c7b21537f54046d7b690f11c5a82
Static task: static1
Behavioral task: behavioral1
Sample: b4ramo.dll
Resource: win7-20220715-en
Behavioral task: behavioral2
Sample: b4ramo.dll
Resource: win10v2004-20220718-en
Behavioral task: behavioral3
Sample: documents.lnk
Resource: win7-20220715-en
Behavioral task: behavioral4
Sample: documents.lnk
Resource: win10v2004-20220718-en
Malware Config
Extracted
icedid
4182822218
explorblins.com
Targets
Target: b4ramo.dll
Size: 174KB
MD5: a1db3c5322f324af0c20c7e68577ea33
SHA1: 6add8032c0d03423347976c55d278fc3d269bfa4
SHA256: 47d418843812bec2262dc42a7cf4a02f0413276127758f6d6411b89e29eaed40
SHA512: 67689f0bec9dc2428c3721d6b798f40f84b7bafdb556f4312240b579657cb492369394a525e0d8291fe9c34a48436f74d4bfa90b1b0614cc6a4088fbb5711a56
Score: 10/10
Blocklisted process makes network request
Target: documents.lnk
Size: 1KB
MD5: 2ac780fa4ac2cf6e12c32d542601b999
SHA1: 8179e357dbfc6b38fee5514e77aef0511a85d9ed
SHA256: aa2ee0a0341d11e12466d161d7e08ee29731e615e3cec6cc6769f3ab808f2c2e
SHA512: 0d03b3b89bcd84c28cca8afafc98a400c3fae720562372166d0389f159c22ce0b559d508f21587e5e8bd207292e4ed0064d801e116bf40c9f6b4fb3cf89a9ab9
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.