Overview
overview: Score 10/10
Static
static
Document.lnk, windows7-x64: Score 3/10
Document.lnk, windows10-2004-x64: Score 3/10
belts/bivouac.cmd, windows7-x64: Score 1/10
belts/bivouac.cmd, windows10-2004-x64: Score 1/10
belts/eclectic.cmd, windows7-x64: Score 1/10
belts/eclectic.cmd, windows10-2004-x64: Score 1/10
belts/trampling.dll, windows7-x64: Score 10/10
belts/trampling.dll, windows10-2004-x64: Score 10/10
General
-
Target
Document_NA45.iso
-
Size
428KB
-
Sample
221111-qqhvcsfg26
-
MD5
3c5487bc6066920a97cfb73a59f0b969
-
SHA1
a535a46f6450419a5a02f0a88d5bd9807a5e14c4
-
SHA256
a560238eee153b62fd9a6a01752d7e28d6409d0cd2fe1688ea5aee84b2199756
-
SHA512
91e8e7b3932f041913f3969cb1047b23a9d26ccf91fc0f6a8b2856886c121c1f98ea0133fbc28ff2888b844114ad89c963b6705604010b62157092dc70699f66
-
SSDEEP
6144:nbUhI77ETb+JS+lDDWbOrL/ZslDP/U+lDxlDuSTjQBRlDFKLEzbrbuWHZ1RKlDg4:vRfOg7QKbuGiKpw9D1ImVJj
Static task
static1
Behavioral task
behavioral1
Sample
Document.lnk
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
Document.lnk
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
belts/bivouac.cmd
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
belts/bivouac.cmd
Resource
win10v2004-20220901-en
Behavioral task
behavioral5
Sample
belts/eclectic.cmd
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
belts/eclectic.cmd
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
belts/trampling.dll
Resource
win7-20220812-en
Malware Config
Extracted
icedid
426369791
ahilacarstrupert.com
Targets
-
-
Target
Document.lnk
-
Size
1KB
-
MD5
19a5a4f7e76a925dfd2467ecd957988d
-
SHA1
3d754cd790e1c7df79b8321a3ddcc1e9cf67929d
-
SHA256
dfd827588872f2c68d3f1654c398eb5368861c05627661d1d9d8747cabcc4e5f
-
SHA512
b75aa01990e412e489494a841e6daeebd4321f14c5a2d529034d27240e0459fe036bdf38937b7cc9e613f75cf81b6f761e0df4abb0de7915ebd36a33119d1db3
Score 3/10
-
-
Target
belts/bivouac.cmd
-
Size
285B
-
MD5
d2d9ea79fe58f7fc8be9b1234c1106fe
-
SHA1
172e84c7479c4389ed6f3657cbf7b8876126a650
-
SHA256
72bd84e0bf325f285cd493ff27bd0566e90b9f17ce4e8481f4cc1374330e1607
-
SHA512
0cba630a38046da996377ba46dac287c31344f8f38e1a406bcaa58406d641030e16d12dfa19c29210fcfbe647af407f5647fe674b398501a078a7525dbfa364c
Score 1/10
-
-
Target
belts/eclectic.cmd
-
Size
190B
-
MD5
93dc2693cd7914daeac43e6f98ad948f
-
SHA1
ea9b14c69a745743cfae490359e74bf6a033e818
-
SHA256
05f175275ec5f6add98b8733c72b861b5747f20f39f4a2e70ce579d700f62b04
-
SHA512
990cb733001e383dbb57f5f4554a245102c42de5544fbba0461eee52d7cb1b9a2ade94e4541e45723141390967a21491a21d9e8d23f31be70aca91162961d53f
Score 1/10
-
-
Target
belts/trampling.tmp
-
Size
91KB
-
MD5
ca27351f9fea59e2adbd72277665e3d9
-
SHA1
cebae4ef3303eb1fc9053104a53706fc5841a5d0
-
SHA256
0b957cd40f571f1ffbbdec117ba55df508e42ec0b3ecdba8b429557d3d08c1ad
-
SHA512
6da0e2c5a4fb181a12a67af37a4eb4c02352dae4adc15202c89781cdfda43328193b558388aa32d2a29a8bdafc4ffb44b8f18cba2da813083405255dde2e7a6c
-
SSDEEP
1536:nXREXIBJWIsBMwYrUvjwI7CdiZEkgusxGEgG+JWx+1GlR:BicWIsBiUcI7CWrgus49KxJlR
-
Blocklisted process makes network request
-