General
Target: build-052.msi
Size: 720KB
Sample: 221206-nlaxvadc33
MD5: 5241275990f43d896fee78d1d72757e3
SHA1: 8d825da07a5ccb9e518c518ea4d61c9b8374e63b
SHA256: cbc31e48f08c7d1877246e6759edee70cecdfc76416a7b7f7ca0feede3355b93
SHA512: 1b417940bbdb56f63533ac380fb288870e095fa8f491bed472e171c7eab3d4090edeb72f90b2b21330eaad8ebb8a25dded4db470d5d3b13087ad707b97ae6f4e
SSDEEP: 12288:ywHL0D7hkCPumy9chfA+t58B0igC+/NHBnn1SCSR:jHL0R/zyt+X8BtZKBn1SD
Static task: static1
Behavioral task: behavioral1
Sample: build-052.msi
Resource: win7-20220901-en
Malware Config
Extracted
icedid
787509923
kamintrewftor.com
Targets
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-