General
-
Target
core.zip
-
Size
631KB
-
Sample
220816-vckh9aeeg4
-
MD5
02c9ea57ed860fdaeb7a610c023cab8f
-
SHA1
7f5bdc3df53bcf882dc7f83ff6a2e622633423d2
-
SHA256
28661e4a0f43711df5b1637f6ee03046939db4991d56940e1e6e10425008232b
-
SHA512
873498db1ba15435a476b0fb18e32cbc0e282e331e76ccfadafe73dbdc7a41c51c774bb8b74a1f9a8f195b01ffb19d482965dcce66480bd3fbf1225dd0cdad05
-
SSDEEP
12288:xJG2luCHeqmggNsf1+7H0vYmOkw8R5CtDMEuW0UvC23nIuJx2iKpZuh:y2lzBmjstD7ItQLW0CZ3xH2rW
Static task
static1
Behavioral task
behavioral1
Sample
cmd.bat
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cmd.bat
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
winter-.dll
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
winter-.dll
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
2672825827
xikolaman.com
iboracarde.com
cementqbilly.com
qaderation.top
-
auth_var
17
-
url_path
/news/
Targets
-
-
Target
cmd.bat
-
Size
184B
-
MD5
a8d097c4b5b56a3b864107da9275de81
-
SHA1
631dad0d2d6cc7dd2add1dfc57a6717bc1dcd9c4
-
SHA256
c9598b2fde394149f3a1ee115a9576edf8ad789200271c130991b4d6fd948d4c
-
SHA512
e1b64017107ce35554847f02461acea5ab8f0ded5ff7e7360c483ff3748331e1af70bdce453772ad795849a08f1bf8789b23f58988a70a4191226548c7cf5843
-
Score
1/10
-
-
Target
winter-.dat
-
Size
296KB
-
MD5
3767e2dad64d6b0ea14664acd2ba520c
-
SHA1
9809ff35c742adae6a009ec646ce8d74c7942a4c
-
SHA256
3ee4fc9da984841a49261c68d395e312fe8606f2e82e65c50b4462397e23d662
-
SHA512
a389831301c74c74ff85376bd96a9f8673a96dcc6c573acf03a1657758e6d6c362228a6e3d9d9e1bfc46046bc669c66d40e9312561b60ffc9d2371d931f905d9
-
SSDEEP
6144:IBrSluO9jEYztpSqmlzT+mpNsnDBVLQaqsc7H2PvY464:s2luCHeqmggNsf1+7H0vY
-
Score
10/10