General
-
Target
core.zip
-
Size
1.4MB
-
Sample
220926-yrh6hsbhe2
-
MD5
4099709dc74faec7d3cb5a724746ef7a
-
SHA1
4a2dd34fdd34e8f6d6fc3fb19478cdf6d45c5b86
-
SHA256
7a4f8cbe31af9949183720f694f23e5cd7e366ca767704b6c2bd52f5f73d9260
-
SHA512
2eaa3f5b00a88ed3c377b96977a736b5968d2f1eeaa630b7270eeb8383bcc97f5529c038b54647538ce623394865c299e3dfd0dc09a4304071c81667644b2f23
-
SSDEEP
12288:818NeMiWhvCoy0jn94J7mCflxJilgA4j9pI18WJ/PBXJvCP4CyyDUy6:zsWhvCoDpqbdHPy8WRtJvCgCJE
Static task
static1
Behavioral task
behavioral1
Sample
cmd.bat
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cmd.bat
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
true_x32.dll
Resource
win7-20220901-en
Behavioral task
behavioral4
Sample
true_x32.dll
Resource
win10v2004-20220812-en
Malware Config
Extracted
Family
icedid
Campaign
2603480109
C2
enamulat.me
frabigwin.info
-
auth_var
7
-
url_path
/news/
Targets
-
-
Target
cmd.bat
-
Size
187B
-
MD5
b332e5f27adbbd9b2aa14867e68c4175
-
SHA1
bc5a3d8ba76d90c1027240c614fed79824d24fd7
-
SHA256
d09cff11dac1cf65d7cd4c276bd623ce18d94ef99581d4d62a18fc72158d9f89
-
SHA512
8d05c08c150676058ba75b954d93d7510b28fe6c85d5b323482dade12edd988364b21f9b036d489cd72c9837bd855e2b1f86d3dcb371fc32c5166a1c211edef2
Score 1/10
-
-
Target
true_x32.tmp
-
Size
522KB
-
MD5
84e96f3221a94688e42c3495afbb48f5
-
SHA1
0e887a5571591a1613a35266570a50d0a3ac9ac8
-
SHA256
d887c60d18949e7ae121dda69d4a25d331be6b2b806d66f57dc4b20b6b12f069
-
SHA512
53857d362ebec8698f1e4e22ea9677a023d085086059e63ab02915f37612373c5fff3aff8cfcde2a1daf9df0fa521e0bb5bffc4a8d47c3115d99cc06ea6099c8
-
SSDEEP
6144:MNmJMUpS5OozDKkAie/kvCvwyLhi7vkXgpvhNRn:MNeMiWhvCoy0jn9
Score 10/10