Overview (score 10)
Static
Analysis tasks and scores:
HEESRICD/CRIHNQKO.cmd, windows7-x64: 3
HEESRICD/CRIHNQKO.cmd, windows10-2004-x64: 1
HEESRICD/ETPZENER.js, windows7-x64: 1
HEESRICD/ETPZENER.js, windows10-2004-x64: 1
HEESRICD/J...fh.pdf, windows7-x64: 1
HEESRICD/J...fh.pdf, windows10-2004-x64: 1
HEESRICD/KRTQRRFH.dll, windows7-x64: 10
HEESRICD/KRTQRRFH.dll, windows10-2004-x64: 10
invoice.pdf.lnk, windows7-x64: 3
invoice.pdf.lnk, windows10-2004-x64: 3
General
Target: invoice-0009.iso
Size: 1.1MB
Sample: 221111-vb7bmahb57
MD5: ac162909e008bdb042ad2362d2c01902
SHA1: aa2039b03669cfc8d720f08ed4aebbcdefb4938b
SHA256: 873d02bb3d248110c1db5155acd11811ba99c4689ceb2eb148fba49f712d3ff8
SHA512: 7e613884b305ace6165c4f2e0322074e40da6a89f588d8b11fe84e80d8166088fa70c2d235beb506a98a1aa1e1d282f3ba60e55dd54e9d3d8522195bc9debb86
SSDEEP: 24576:KVlBZkyFvIJPjhsYQAq2l6ncIJGGY7NuRUB3SVlBZkyFvIJPjhszwoBwJwJH:KVlHkbjhsY9q2l6ndJGGY7NuRUEVlHki
Static task: static1
Behavioral tasks (sample, resource):
behavioral1: HEESRICD/CRIHNQKO.cmd, win7-20220812-en
behavioral2: HEESRICD/CRIHNQKO.cmd, win10v2004-20220901-en
behavioral3: HEESRICD/ETPZENER.js, win7-20220812-en
behavioral4: HEESRICD/ETPZENER.js, win10v2004-20220812-en
behavioral5: HEESRICD/JG343534I3khfdfgkdfh.pdf, win7-20220901-en
behavioral6: HEESRICD/JG343534I3khfdfgkdfh.pdf, win10v2004-20220812-en
behavioral7: HEESRICD/KRTQRRFH.dll, win7-20220812-en
behavioral8: HEESRICD/KRTQRRFH.dll, win10v2004-20220812-en
behavioral9: invoice.pdf.lnk, win7-20220901-en
behavioral10: invoice.pdf.lnk, win10v2004-20220812-en
Malware Config
Extracted: icedid
Config values: 3606255791, eventbloodd.com
Targets
Target: HEESRICD/CRIHNQKO.cmd
Size: 68B
MD5: 5209598028d135931069f050d423f71f
SHA1: 59d199fa6e4d8fd54e65a9655e6efce9d5b583ea
SHA256: c0994d3a5465742406e12a7ff7d31fbcccc7eb2c3d202b591e0282d537b17dcf
SHA512: dfce1557e23b3ac11da3e0dd4521861504340feb07a840309f7e8238e18fc71b992048627f37137dd779e06b343c32f06a082a2e039e48f60d706c372c5fa63d
Score: 3/10
Target: HEESRICD/ETPZENER.js
Size: 610B
MD5: 724768dcaad2aa49fa276daddcbbc621
SHA1: fcd3a0bc05c41b49f65f1d9ee7a699c400353d46
SHA256: 17fc1878ae84079bb93736beba3d3103acd9dbc6f67bb653c5cdcdb6fb60538f
SHA512: cabc96387995ff97c75d8042aa2f42b504463639e2a9dd548da2d0ba498534b97b801e64fcc8471161e03c3299f33e02e4b9ff758a5f460c5e24bb59eb8080f1
Score: 1/10
Target: HEESRICD/JG343534I3khfdfgkdfh.pdf
Size: 86KB
MD5: 1f4cbc5df4ee4e09bc625a9092d0a8ec
SHA1: e289de13f0191ebc81639045c23d6672f228e73d
SHA256: 9abf25f0e1503cb38da963afca7f2aa079f9e60f0bb7cc7b53e0a6e5760074e7
SHA512: b76bd91f28886e370fa5101996d0e90fc4da50c19850080cdeeb65a50ddbb21d53338419273d0b941e1bb2d622ca4040c1e45fdbe2d3895d93e7ad169891eeae
SSDEEP: 1536:o3KGJqJ5XRRzlC0sPyvMTdqvcohVKR2bm70/wm5Nb9hh0YE:o3KGJEXnzlzsEWd2hXC2A04aNbDRE
Score: 1/10
Target: HEESRICD/KRTQRRFH.dat
Size: 320KB
MD5: 766c34eeef4f673e82fd0f4a2b9c3a5c
SHA1: 2af772c347252a3accea31c71f937830ae0b5c16
SHA256: 1b6a7ec2de95b9d59b57dc3eebdc6b66f37208515e062b5785e551c0377d0bbf
SHA512: 2488128efb3de3b6a4b3020ff1ed421ac59820614a7f51bef288eadeab16d8fcacfc134cac01afd4f0b77f34bfe72d2e4697f0f8519cec64bd07f681d6482177
SSDEEP: 3072:ut5OqjYIRIT4RR5Nu75pszcq2l6ncjhq575T/NGGY7ljGHPfKjXjGHquR:+cAsAI75Kzcq2l6ncjhqrJGGY7NuR
Score: 10/10
Blocklisted process makes network request
Target: invoice.pdf.lnk
Size: 1KB
MD5: 82f6859bc0e99302adef28a854d15177
SHA1: d83cf532efea3f4693315005773f69785ce1e0a1
SHA256: a30e528a6ad1c5b0a3930a28b04d4fae700a799958d13e7dfa274c3ad1cd352b
SHA512: 3fcaa7e431c5fe301b2b826103e0f0b7b41caec5485a08432646084adffaf00f741b98f275403689d65d8ffe9e5a9eb1edbe1db0a810f74ad53607552323d2ea
Score: 3/10