General
-
Target
core.zip
-
Size
617KB
-
Sample
220824-rjvq1sedcp
-
MD5
2555267b18ef4039d8c4dcae49ce40ed
-
SHA1
9a3407e0f2f4f9a64cb059c65ce066da48f0b6e5
-
SHA256
6880bb0870d5055dd53aa48318677d6f5effaacd946ae9fb5ef345bebf622a57
-
SHA512
32aad90103c4989a61be1071965dfb130937410e1f2b404282cca39ecac81fff0a5b4cd2c8eea00973302583b91c5c90ee332699bd2f5f4f84244d8280b229c4
-
SSDEEP
12288:WR4lhcI/O1OQtCZFeWOTpOVsR+Okw8R5CtDMEuW0UvC23nIuJx2iKpi+A:lP1/O1OQyFpOTpY0oItQLW0CZ3xH2r6
Static task
static1
Behavioral task
behavioral1
Sample
cmd.bat
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cmd.bat
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
stove_x32.dll
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
stove_x32.dll
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
3524611504
wronigrabs.com
nokainptisarda.com
-
auth_var
19
-
url_path
/news/
Targets
-
-
Target
cmd.bat
-
Size
186B
-
MD5
ed508bb2d64d183a031529369c381ca0
-
SHA1
2cf761161524892d54dd1eb628a37f39c4e441c0
-
SHA256
f64c69b3f00c372a236881e34d861dc52817e7f03847fd156c70ee316b12a802
-
SHA512
c30cecd1f9f8565a0a4f24f8cc1422dfe55cc038e3bfab9ce9b8879a47d263bfc0a1c4938aee363ace275ed9577e6772eefc0905024eee1034c6af7f45788086
Score
1/10
-
-
-
Target
stove_x32.tmp
-
Size
283KB
-
MD5
57070e0b51dca9c3037d9e1c5fb4e465
-
SHA1
34e0923c5cc19e0d0092180f97e912121e23fe93
-
SHA256
8e69a8102c4c28f174f498d063cb4f7b92300888cdf696de04c6497525410e06
-
SHA512
6f25a912b645b84f15623dd1f4faf7d26e8000892483c3046588f6b828a40a93cb3ea9e47110ba97d38d2d6b0e2114158c868477e3b4a80f95d159e2c845f648
-
SSDEEP
6144:el9BZZiIZdhgQa1OQtC/53ZT4H/rqKCgTpKhR/sREA:elhcI/O1OQtCZFeWOTpOVsR
Score
10/10
-