General

Target: attachment.zip
Size: 1.1MB
Sample: 221004-ssfh5abfep
MD5: 36efd5e8462b46456ae79ed51df79d2a
SHA1: 97d92bcc113d3dcec34c99a74e451ab8e783e448
SHA256: ac10a9d3bfa9c849e71c29773a6a0514e7168c50e35675f39efe770dd9910c79
SHA512: e3ffe6e9f4ec637e68fcde0376486c8878833ec85c295d6e2715d06b8143d5143a387fa1a953cafebcde86d682281d0507640b365f660c3a6f15e5dea83d3679
SSDEEP: 24576:rooAWGEh12o26JQ7dSIU1xU5/H3N8UdqH6D4YkGo5+VAZAxuuX:rooAWGEh1tJs8Cv3NtY6D4Wo5vZ+5X

Static task: static1

Behavioral task: behavioral1
Sample: scan-8b2bda1b-2536-411b-a1b3-f54ce7e73124.iso
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: scan-8b2bda1b-2536-411b-a1b3-f54ce7e73124.iso
Resource: win10v2004-20220812-en

Behavioral task: behavioral3
Sample: 3270265e-2684-4dd5-a085-ade5cf0a4a35.dll
Resource: win7-20220901-en

Behavioral task: behavioral4
Sample: 3270265e-2684-4dd5-a085-ade5cf0a4a35.dll
Resource: win10v2004-20220901-en

Behavioral task: behavioral5
Sample: scan-8b2bda1b-2536-411b-a1b3-f54ce7e73124.lnk
Resource: win7-20220812-en

Behavioral task: behavioral6
Sample: scan-8b2bda1b-2536-411b-a1b3-f54ce7e73124.lnk
Resource: win10v2004-20220812-en

Malware Config
Extracted
icedid
140125615
fireskupigar.com

Targets

Target: scan-8b2bda1b-2536-411b-a1b3-f54ce7e73124.iso
Size: 1.8MB
MD5: 1379fddaf175543aaa03d14d9b487ba1
SHA1: 59b3b8f97b64149064f24563c51c155c258ca9c2
SHA256: d2178b009e4e39ee1a2afbc6b9ffbc7a2e77f47dbbb6618ae5f25ffacd277834
SHA512: a88d0fb1a43b6eb3861c6f319f58a56394a57b572bd95fd03c0d21183f0c52062a8907c71d7407afabe14fabf738ce3fa8c8ff5a68be9533a3b6476a55d6fb8a
SSDEEP: 24576:TB3lPrWuXS/SxockV62gDJmw0WrNpEMiHMFEWQWDyuKcpk:dlPrDvxoT6Fmw0WJGM8QQAyT
Score: 3/10

Target: 3270265e-2684-4dd5-a085-ade5cf0a4a35.fVj
Size: 479KB
MD5: ff0659f9c55b7bf3c2571b0ac3336db4
SHA1: a4f5d4eb04ee20ca7537bea06f8b5a40a263f46f
SHA256: a930c4e91e95095ece02d7458c0ebcf911c31e6d82fe53432c5ea121a6cdc930
SHA512: 06830cc7b396cbca068a58f8533a8d5c53f80a09221941df3c6388701a3cf567bea8e6d62c3793607ccf648c639d08cc9917a144731796bfc45be040e7b743f3
SSDEEP: 6144:jT9EzyOHtyKDRZFLincnzifwl1nKcpE+F6SpmfSJOea/89X7VLFdmlD20m9W:jxEzyKyyv4SnKcpzXFI20p
Score: 1/10

Target: scan-8b2bda1b-2536-411b-a1b3-f54ce7e73124.lnk
Size: 1KB
MD5: 00718d06a456f725b8e021b28f61aad0
SHA1: 733a257e57ab16c206bd991c13ee5d9779a179ea
SHA256: afdf46308c8696f9c9e8b1d0b8ab3889b81758506a4e7ab5cc028a5db1599e64
SHA512: c1cbe2ef4e766b16d29a8fa87bad3944560c7307c993f49f12a310e32bc1653a79327d1ef78aebb031dc19d3f2c044301c6178743f491f5f1b87eb69187a8e16

Blocklisted process makes network request

Checks computer location settings
Looks up country code configured in the registry, likely geofence.