General
Target: wild_will.msi
Size: 720KB
Sample: 221206-g85meafb3w
MD5: 12fef89480f3c38d0949f7fd9458856d
SHA1: 8ed8d7bf9c6ffc2934e5c9773692ded50f87ceec
SHA256: 2bd43175f33d5e03ae53c00541a357c3578a158f56d8b20b9099a45ccebc801a
SHA512: 0b4e9035905c9da6e7b0d8e0eeda3f6e7b8522135aec15eea14b85bb0966b5058f3443aa054983f00918b29fd3e699efca3a49030ee195c7b3f09d6c667e2a2f
SSDEEP: 12288:pwHL0D7vkCPumy9chfA+t78B0igC+/NHB01SlF1:2HL0f/zyt+x8BtZKB6SD
Static task
static1
Behavioral task
behavioral1
Sample
wild_will.msi
Resource
win7-20220812-en
Malware Config
Extracted
icedid
787509923
kamintrewftor.com
Targets
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-