General
-
Target
core.zip
-
Size
564KB
-
Sample
220825-qyyksadgdj
-
MD5
fb2703dba10bd4e6c942b2a9d5a771c9
-
SHA1
9e52d31070522d3431034095238c78df4d01c391
-
SHA256
10500913768a5fd78562b91bb314ffd53ef488f5bbe89e329918c2e817b4f937
-
SHA512
eeaee2106f257dedc124e68e789c9f781731bb3ad36f05d4c3214eef213e60d0db8ce3c4fee0d5b8871da51b36b56a263fd9ed9435767441238a1defb87869d3
-
SSDEEP
12288:OmvASC76nku6x/e3Okw8R5CtDMEuW0UvC23nIuJx2iKpS1D:f3C76nd6x/cItQLW0CZ3xH2rC
Static task
static1
Behavioral task
behavioral1
Sample
cmd.bat
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cmd.bat
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
spatial_64.dll
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
spatial_64.dll
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
3681413287
iionadred.com
hidozwerav.com
seatforillosa.com
carprisesr.com
-
auth_var
14
-
url_path
/news/
Targets
-
-
Target
cmd.bat
-
Size
187B
-
MD5
9d2a4f3ab1024e70fe68eec0ee9c0077
-
SHA1
70046291bdb9d6bd33a767aa3d530e6297e77fe1
-
SHA256
0cd353c820425a04408ccf25fd843d20bd7cc9946bde06fad1662a7a795d87d9
-
SHA512
95c00d528ab75f164f245d444ea15747456bd7072bb01e871105946c8e53f06ef27143d66a87958f776bcb7a7bd5fc3342cfa78ab4114bb2c6eb7018a60022a2
Score
1/10
-
-
Target
spatial_64.tmp
-
Size
229KB
-
MD5
0da038369894eac14506a8439a548aca
-
SHA1
13c92034699faa2f0df46b7a50cb00c35b5078f0
-
SHA256
f5fb02f92ff4e3ca19cf34c42d208efdf79c497cbaa204dc5c97e6c7d335fad8
-
SHA512
2798bc192d2a7593de431c874a3144f636ac88816f3769c0dd576d4fefa0ea88e1abdd8fe23856878622041fe3805ae3bf73ec35ba16ec3f734360edcc490519
-
SSDEEP
3072:r9nf4S8XjguPLcglLgktfRqQ0xtLfj4ZDSIpTt813vMJ4m0kBWObmg8TjTq+PSrl:rxASCD76CwkuPix/e
Score
10/10