General
Target: 20220725.zip
Size: 80KB
Sample: 220725-rqd2vaaec6
MD5: 69603cf11939274dbfc0b9b0403d38f9
SHA1: 0d7934670f8f2c4cd00a990a16ad7b29a613e3b7
SHA256: 7165785dfa943c4301d3c41fe534e1e640558dd2cf1472d91563859473c49482
SHA512: 076683ac6e95cf1d19f6045fd42f240e3aa55a026e4b5cab632ec584199753acbf21e14aef8973ac00ffc3729fdb59ef7bf64bdf4ee55f0aed2fe755176f14de
Static task: static1
Behavioral task: behavioral1
Sample: documents.lnk
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: documents.lnk
Resource: win10v2004-20220721-en
Behavioral task: behavioral3
Sample: so2ra4.dll
Resource: win7-20220718-en
Behavioral task: behavioral4
Sample: so2ra4.dll
Resource: win10v2004-20220721-en
Malware Config
Extracted
icedid
4149266980
floatascentry.com
Targets
Target: documents.lnk
Size: 1KB
MD5: 75eba57c332573915fa4547c735bfeb0
SHA1: 178c8465dc4d7f38d15396bcf2655a90e63e7c1c
SHA256: a82828f07dbc49fbbb62d0bceb3655978c93fca720cd2dace8265a9052e3fee2
SHA512: df15de37185c6778a888d0092df2b300d4376ab832d62a10534136ab20594f07938d8c7b37ce994ea2396da2b9a906ec26cd22e802a3ccf9fbd3cda1164b134d
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Target: so2ra4.dll
Size: 318KB
MD5: 6133bfa54f1ac476b1fdc581570bce34
SHA1: d4da7922d963747197e166476363375bd678dd56
SHA256: 27034a7c21b1b1fbc471104f3ffb804974886653e73b958dba2a671e27c64e04
SHA512: 03147aca9ae4f9cef1fb02ba29d8701053de4720d84ce6daf8b8c3bc648b958eb1b7ced2a1e15973fe1ac7f742b3863091af50d53ab36b48dcabac0f3025bbdf
Score: 10/10
Blocklisted process makes network request