General
-
Target
core.zip
-
Size
532KB
-
Sample
221114-zrhqesdf25
-
MD5
915c527ac67e0f95ea9f5fc0c19b96da
-
SHA1
90560a3a3e743a7e63fc3794b1014f5044d64a93
-
SHA256
d5bed7d392dc8bd6c45f155f1f31a09e1e99f246b697a1fb98d5a63f96e91cf1
-
SHA512
7ee4db46f94da466a213cae8613fbac043f2a7cd05746145b34a92d97e1ecbb923f1427ae05dc28b43c7a547f5fe76118c3aca2b88c428bc05f7701c933a48a5
-
SSDEEP
12288:rdqadTv4e1hmj59Wakh95JleEB/70XHzobKwwrBYUz4u5:8adwQhW5UP3JleM/7OHzuwrBYar
Static task
static1
Behavioral task
behavioral1
Sample
cmd.bat
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cmd.bat
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
deliver-x32.dll
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
deliver-x32.dll
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
1023147713
qurafleuncen.com
dremkalifcarsis.com
-
auth_var
4
-
url_path
/news/
Targets
-
Target
cmd.bat
-
Size
189B
-
MD5
1b0986e0636ea647760dc3e6394782cb
-
SHA1
373f569810d64f0a4f0e2c4d1200f39bf3340506
-
SHA256
b6f3d79daa57782bef6b337fd83044a2c3010186173101a6dae6f6d6440ac695
-
SHA512
e6205459924516a4bad8f0f0c970c85dfc8334eff15df876eb28cf27787509307343d0ebf8b6827a815ef57d0a8bba2c549cb6aa568c8d86dac86390cbcc99f5
-
Score
1/10
-
Target
deliver-x32.tmp
-
Size
88KB
-
MD5
8951681a2cfc3194ce612929f686fd6f
-
SHA1
7264cc195274cefcd4e16acdba26c7bc99800a17
-
SHA256
2565bbc065a9a36a992924cce8fb196598d3c7266e4a90923de729177f7b47de
-
SHA512
cc13812d7c2973429b74984e99f0b755c733e3fd8d9a2cbac03ebe5ae45f1d16e5c82de4d96319c92e43223444908e1357525dd18e1936cab25d210a92e59004
-
SSDEEP
1536:urmI7L/MqEmtx8C+FtwZWt7ix4l18EPyDmAUxhTNbQzc5:B9Dmt+YR4X8t/axNbQk
-
Score
10/10