General
Target
LZG41.iso
Size
656KB
Sample
221121-mkjypaeh54
MD5
6408679de2eb8c44710e48fd37aea371
SHA1
d8d12728d99879525dbc0c87bc6127a186ca4825
SHA256
f7715f48cdbf36bb611a205fcc067670018cf23cb30cc362a56d35b98d002826
SHA512
dce56f051e49f38644023cffb3b2fdf3233f1eb3f36f7e8b7dd1a187beb7052a81766a03fd5d02bafbaa316074615b03bdc6b73bca5c7d5f51be8c28c6fc860c
SSDEEP
6144:sK8FaGEoSvma0lgTxwBT0kqnYMXq0lDUUTGpsmLlDF/lDdosW2HOuNb0iFXplD1t:st8+9g9wBkX4Hp5uTBpPsWS
Static task
static1
Behavioral task
behavioral1
Sample
FF.vbs
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
FF.vbs
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
swore/sensible.dll
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
swore/sensible.dll
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
3822462527
sciiultaelinoza.com
Targets
Target
FF.vbs
Size
9KB
MD5
c6031c7c55e1a3ad39686f5285f169e8
SHA1
9b095c7a6a652863fb04644208f3c4626e48732e
SHA256
34fd7ac1ebf24488f3ef3ce8510fbeaf531bdb1fb4da13327a64482e836df691
SHA512
7a5000dbf095f5e89f28663de29345605f3dba524f177b61f2516a9302c82384f314a0287fb561bae1cd3fe916c96a8df8818f75b539862787089ce129ac5298
SSDEEP
192:GeSjpUorcl/E4hp3aD/OCMhiEe1mUS1G0vdzgW20fkbsgTbpQt:d4pnrcpE4hpPCMhidmnGm80jWb4
Score
10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Target
swore/sensible.temp
Size
49KB
MD5
bd80b2b1b80baddcae04c2bd338bdbde
SHA1
750e7066f6e5e8c5095fcf18ef33596882f495b5
SHA256
0a728bfdead0f370d24510169ac58f3edaae2bea503ac9c02365d1446fb22823
SHA512
9c566ea7fff7b45037283a48f425e549e9b0818e25012c5d2d9eb7d25de3413088eb3d7e91b128421e5210ce2c651e080e993cab0f81c68fb93f75d0e5be05a4
SSDEEP
768:ui9IlCuxlaboLzk8FQm5OzR4HziHF47DPh/e8bQZ2w0Nt8ASwn5:uiWl3LzPIdEzqFI7g8sZE+ASwn5
Score
10/10
Blocklisted process makes network request