General
Target
Desktop.zip
Size
81KB
Sample
220725-tcy6zadad6
MD5
76d978ff7417daeb977381bc05437235
SHA1
905e2fc901a5d481cff6be0a9ca6144437662b01
SHA256
30ed2efd76f309efd4b853a3efb2f240906a36edca47f8616a6981bc9eab01df
SHA512
fae6f133778c4c2bb521d98447c6b7b1bf152d109b8bd921d0f26aae6ac3ade3404f20b5de6ffd62a0a7bfe98e16b65fb80533365b9fef363de1d41c81dd66e8
Static task
static1
Behavioral task
behavioral1
Sample
documents.lnk
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
documents.lnk
Resource
win10v2004-20220722-en
Behavioral task
behavioral3
Sample
so2ra4.dll
Resource
win7-20220718-en
Behavioral task
behavioral4
Sample
so2ra4.dll
Resource
win10v2004-20220722-en
Malware Config
Extracted
icedid
4149266980
floatascentry.com
Targets
Target
documents.lnk
Size
1KB
MD5
75eba57c332573915fa4547c735bfeb0
SHA1
178c8465dc4d7f38d15396bcf2655a90e63e7c1c
SHA256
a82828f07dbc49fbbb62d0bceb3655978c93fca720cd2dace8265a9052e3fee2
SHA512
df15de37185c6778a888d0092df2b300d4376ab832d62a10534136ab20594f07938d8c7b37ce994ea2396da2b9a906ec26cd22e802a3ccf9fbd3cda1164b134d
Score 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Target
so2ra4.dll
Size
318KB
MD5
9b7a8483c04543e87b09658717219d44
SHA1
48741415154f1148d6910165658ed056e9ad7249
SHA256
15c0f11ed817ad32034de1da17fda8d6328d895fda20548eda176ee0982c6aa8
SHA512
cbc703457713d5e85024023b7f82927469f810c23a2b6b8994aceee03d4df6e3b6c09efa79d31067996bd82a9f7a3aae59c9787334057237f0deccb0b3f82192
Score 10/10
Blocklisted process makes network request