General
Target
Invoice_PDF#3710.iso
Size
594KB
Sample
221005-tbnnvafadp
MD5
e081497ab7cd3da2645a1739b94f3045
SHA1
8bff068f94f3aa1fd8298f7bccc48c8b7bb89be4
SHA256
e47274291e0862ad3e1d34ee6f87d4c2cf1830621d4a20f61207bcac8c41a431
SHA512
70eae6309b6e41becf870932fea8d028fabd282eae9fdf4f04a9d5427bb73979730859df5ee1e68e2bfb9842a4bba4db3d8cb0b6d7d7814b6feb8860d9a835a9
SSDEEP
6144:YkaY+79+lSS5lrtyWz2RcnzEecili1nKcp4dbcYY7Dq79Yfw7CFwn/C6m3EyBTlQ:YZY+5CyWz2JnKcp49nUwn/yf4
Static task
static1
Behavioral task
behavioral1
Sample
Invoice_PDF#3710.iso
Resource
win10v2004-20220901-en
Behavioral task
behavioral2
Sample
5486/4164.wsf
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
5486/6363.cmd
Resource
win10v2004-20220812-en
Behavioral task
behavioral4
Sample
5486/react.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
Invoice_PDF.lnk
Resource
win10v2004-20220901-en
Malware Config
Extracted
icedid
2348925224
fireskupigar.com
Targets
Target
Invoice_PDF#3710.iso
Score
3/10
Target
5486/4164.wsf
Size
492B
MD5
48e32bf41ae100c375795a3efb79cc38
SHA1
a100525a27fdec43268a3af82521474fec34f886
SHA256
be00ecb33a816545d8b65aa677f2b9c09a3056ae1638f39f96101931267b5ef2
SHA512
c4f0c9b77924778a49516d0896c163261ea8b941dcb860d4d8afd71cb2e535cbbb086a9d5250bd1f6f3cec0e8092ad162da485fe713e98e4ba76db9ab23b4565
Score
1/10
Target
5486/6363.cmd
Size
166B
MD5
6ec1f31f3dbbc13727c80f9dc394da5f
SHA1
183d51fd30eb61bf7c2606a32b3c73775279269c
SHA256
3180cc4d4817408dc2be977806c7769e28ac18f4c8d0c6008e6cc18c975fa352
SHA512
59d54e2779a33f1b015dd0d31163875daf067f43890395402eb905955c490ee522b8e497135bc452dc1f554c8108a754c1499aa04ee037f1d7bd79df003a2ffa
Score
1/10
Target
5486/react.dat
Size
479KB
MD5
e1cce7870de028737160dd60cab38de3
SHA1
36fc110c770ea382c136826c2749e7468ace21c2
SHA256
c391de9c26528d9cc5f9093a0c5d0b4866418d427235c89fd3f4bb316e39ed85
SHA512
b31f8ae84ffbc8c19be087ff911325bbf306113197c6adf91d78b3d9ccfc8b833e139f315e9274e018858734f24fad7fc7a0442f9278709ed0f2e684eeef0d0e
SSDEEP
6144:ykaY+79+lSS5lrtyWz2RcnzEecili1nKcp4dbcYY7Dq79Yfw7CFwn/C6m39:yZY+5CyWz2JnKcp49nUwne
Score
10/10
Blocklisted process makes network request
Target
Invoice_PDF.lnk
Size
1KB
MD5
9a5bb1413fdca2ea00b60e9ecfc858ad
SHA1
6afc3921d09385534d29088bf7068478b05660c5
SHA256
e5337edfba7749932626dbe8bb195506b2983c617d77d577fd73bd77f1428e09
SHA512
07f6bba16ed0943f3677e5233895655f5a4a6be39585925be2a7a4f4608d6ee4e4d509db79362f93edb08fa1ff62eab0702495f5a64f972c8291013eb3576ff6
Score
3/10