General
Target: demoscan-c49db520-dd57-4417-85a5-8dcf20de5330.iso
Size: 2.0MB
Sample: 221004-jjnnpsabak
MD5: 09c683ef9df673428ecd0cf0b5054a3a
SHA1: acb1fd4f20cf0537d1323068f6b58c155c736738
SHA256: 7aef84a0b5c87ada2445435121ce4222d59cd82888484e45476e26ff855de4e6
SHA512: 4fbccb6ea4f14adef93493efd3177bed14d6e05e3fdda1f72735b166ecebed7955f05fb9b5f0386dcdc39dc5bfe6bb8850b6071fe3d9d5494223fe1302bdc822
SSDEEP: 24576:GdxrPWjUb7LRC+aqp1TXhlELmgnCRaayhH2reN7n/x0BCpLU6892N6o10:GdxrOjQs+ZpSCgnC1wvNz7pLNN69
Static task: static1
Behavioral task: behavioral1
  Sample: demoscan-c49db520-dd57-4417-85a5-8dcf20de5330.lnk
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: demoscan-c49db520-dd57-4417-85a5-8dcf20de5330.lnk
  Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
976968029
triskawilko.com
Targets
Target: demoscan-c49db520-dd57-4417-85a5-8dcf20de5330.lnk
Size: 1KB
MD5: 8ca36e9fdc991883f27d51a0e82db255
SHA1: 2cea6364d7592fd2d5ddc67ae6ec8caf08fb0cfb
SHA256: be55bf499476985669eb72638cce8015ff6f0e70ceb8f7eb21ef30100bef0a1e
SHA512: a0a57abab720f94b1d377954b1b3baaadfbebb9f97f1df76c2195fa887809014784653f6bbd0fd5b9db06cfb0a638b53663ebb981f4e35a31308dfffa92e4529
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.