General
-
Target
1554FF.html
-
Size
368KB
-
Sample
221121-rprljsdd34
-
MD5
40516ea9f7767045c822e15ef375fdee
-
SHA1
5b9878dbbd27860e39af55a21a3dedae154d00b3
-
SHA256
5472103e290d3b51becbbde14d494535980cb0cedb40d4f4f1bf9830765fb173
-
SHA512
8b414097af2e3f4cb3a3b7bf86e44a3e42dbfe205773614246868dae201c0e0b0089a02bbaefc120dd8504fec019a91b98fb79ea0ca5394ee9b9b51013b1dd89
-
SSDEEP
6144:RYjRCBwC8pIy/5rDXOkprEqNUQJRHlzjKK0jY5BzlAnfQ6sIXU0UgtmzA:RYjpXI6/bFLHKVOmYNIEvs
Static task
static1
Behavioral task
behavioral1
Sample
1554FF.html
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1554FF.html
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
3822462527
sciiultaelinoza.com
Targets
-
Target
1554FF.html
-
Score
10/10
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-