General
- Target: 55373dadacce0948c35bec4521f423886d931f3143bd89f10b109a0130bb5bbd
- Size: 619KB
- Sample: 220725-t7ze8aafhj
- MD5: e86fba721d4415b0527b3f5264b5f1d5
- SHA1: 8ea963c7ebe4015dd520725cda4f62b14ffc1678
- SHA256: 55373dadacce0948c35bec4521f423886d931f3143bd89f10b109a0130bb5bbd
- SHA512: 7e762b091bae01e3be483b68ec6231e8ab4f82f189e49931e7fe12437deaf0371d55e3e7b1ab3347d1ba5c41d69f6e22b31b52c2d94f50fe63fe58b6c37d9e50
Static task
- static1
Behavioral task
- behavioral1
- Sample: 55373dadacce0948c35bec4521f423886d931f3143bd89f10b109a0130bb5bbd.exe
- Resource: win7-20220718-en
Malware Config
Extracted
- Family: icedid
- Campaign ID: 829561804
- C2 domains:
  - monerto.top
  - guiertr.top
  - tyuerse.top
  - ziones.top
  - gerrredona.top
  - nameseorin.top
  - dirosad.top
  - colonisfg.com
- auth_var: 1
- url_path: /index.php
Targets
- Target: 55373dadacce0948c35bec4521f423886d931f3143bd89f10b109a0130bb5bbd (same file as in the General section above; size and hashes identical)
- IcedID Second Stage Loader
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
- Loads dropped DLL
- Adds Run key to start application