General
-
Target
b2bfbf4ebee23a12425d38e65482a578add6109f9feb1a3fad92a8e00a465aef.html
-
Size
1.6MB
-
Sample
221012-s9waxaaag8
-
MD5
5a81bb374e81533579ebbe839ee47fea
-
SHA1
14c31aed809fb360e2f1e0d328414fbc87441b39
-
SHA256
b2bfbf4ebee23a12425d38e65482a578add6109f9feb1a3fad92a8e00a465aef
-
SHA512
a940c715a220bebb068eb45e73ff98b8bf1e25daa16ffe559dfd372389a553c4d253d71eda91798db08cba063257dbd665a274f7d36a49a5263979c71d80e380
-
SSDEEP
24576:Um49ebBHSjIYBOZUPmT+haWSQ4HYHLQ2NOgZMEe2N0W6SQoCll0n:UdjIhZGmUae44HLQzsmjSDrn
Static task
static1
Malware Config
Extracted
icedid
140125615
fireskupigar.com
Targets
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-