General
Target: redacted-doc-11.14.22.zip
Size: 458KB
Sample: 221114-xg9eaada24
MD5: ba39392a433ad43ca8fd2b7e3b6d605f
SHA1: 578bcc54ba7bf3b3451a66461bb99338a7495f17
SHA256: 0306e59d0b52279dc773e1cb8cba8203cc39023af0f34bae33c1eda484beeb0b
SHA512: 4864b94aff80e622189d58c12f68768c65d47712141099252f4ccdc505261b87d54edb1d8855273692f82348fd1e2c9cab8ca4830c4bde75d16436cd61a24092
SSDEEP: 12288:ww6GYG+qDQXD09P2RUgB8fQcyAhU0M4md5:ww6Gn+09wyfpZqd5
Static task: static1
Behavioral task: behavioral1 | Sample: document-130722.18093.iso | Resource: win7-20220812-en
Behavioral task: behavioral2 | Sample: document-130722.18093.iso | Resource: win10v2004-20220812-en
Behavioral task: behavioral3 | Sample: pss10r.chm | Resource: win7-20220812-en
Behavioral task: behavioral4 | Sample: pss10r.chm | Resource: win10v2004-20220901-en
Behavioral task: behavioral5 | Sample: run.cmd | Resource: win7-20220812-en
Behavioral task: behavioral6 | Sample: run.cmd | Resource: win10v2004-20220812-en
Behavioral task: behavioral7 | Sample: ver123.dll | Resource: win7-20220901-en
Behavioral task: behavioral8 | Sample: ver123.dll | Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
1609463178
trolspeaksunt.com
Targets

Target: document-130722.18093.iso
Size: 856KB
MD5: a80e6c2c150d8f2d0d93e02dc070a0d5
SHA1: 9ad8ccce31dba69fb249a37303b7900ce716db35
SHA256: 979502e5c1d4c7eb4c771bcaa61504c225d2a06bd40e953e32b0e1e60953585f
SHA512: f655d4d81d742396d609ed508a966120776a51565cb9e233f305c7082807412ee1ed9392e0d1c0b8f112e29000f57ea0d154f7a0486620da7866a51bb48464e8
SSDEEP: 6144:hWDGvSvzMJP0MFNZQFsI5w3IohQsEuzzH1Skh3j/A4FCR4CKK3xhkuzEsiR02:hQGabxkvqw3BAeH1SkdIyazHhkLsi2
Score: 3/10

Target: pss10r.chm
Size: 392KB
MD5: 20fbaccd2166d324d53948e87fe15c26
SHA1: 5b022b124335d837ada79b093e807a2dbdc6fd0d
SHA256: e6c58b329804c30442be8159296b54b612c32b038d826d7e2cb058042d9aa852
SHA512: 4020dbcdc49b92b771b0d71c5e62e28def9196643c495bcb12fa91b367669d2df6075b79a6f70ed9c91e027de3d91a8c1d572c3ee740a4d53ba67b2b1a2af0df
SSDEEP: 6144:MWDGvSvzMJP0MFNZQFsI5w3IohQsEuzzH1Skh3j/A4FCR4CKK3xhk8:MQGabxkvqw3BAeH1SkdIyazHhk8
Score: 3/10

Target: run.cmd
Size: 159B
MD5: bc2545a660518ef0271bdd6a8be3513c
SHA1: ac0e485fe9101774c61a50d81dec32e174795e08
SHA256: f96ca4d15febe51758689d9c93c5ff06449a67aacc9b619c249dd00f7b65d179
SHA512: 6b7dc66814b4a74dd8b39c631f24bef16a98a5ac18bb7e31531c41b54c239a56e1050ed3d7f48c9e7a9da094177bd6930148c08eb4ca937a59ca4eb235fc142a
Score: 8/10
Executes dropped EXE
Loads dropped DLL

Target: ver123.dll
Size: 96KB
MD5: f315325aecae49d502589694b6650bf0
SHA1: 88b5d50c8e9e4f79b773a268da51a1f90718114c
SHA256: 45704a092e0f331dec2c86dc2f7259b4680bb71c542aea59005bf1b1a8a18d3f
SHA512: ff9c89b5a7db2e1262aa87839d2ff41aff56861f241947ed8a857ac8f9904334269c74aff01bd4c8d1bf1f07d3ba1fa3ce02e1ef7c0e64a21e86e0501bd9cb2d
SSDEEP: 1536:Z/Uo2DoDZjinBQFp5iVz+O22D9YUSh9T9S6PDJUTfhIr083GY2:Z/NhP5mzk2a7XsytW6083D2
Score: 10/10
Blocklisted process makes network request