General
-
Target
document_133_invoice#PDF.msi
-
Size
660KB
-
Sample
221206-x8c56afg48
-
MD5
76bf2b13ab0bdb12c1b8fc474fb9984e
-
SHA1
8c90ecad73788a40c93ca6a6411c79c581216cee
-
SHA256
070f9169977c766c426e9c1a8161a40f54a068ef7cc1c3090d226e87dc890095
-
SHA512
8945defdd78c03c0e62ac636657835e70210afba5ade7a8f9eab8c6725371b30a9ad26820ed57a0d7fe2b5af6bf2ab18a06ed6adb35c6203ae0dfd1057fd01be
-
SSDEEP
12288:nwHL0D7CkCPumy9chfA+tO5O//M777777LwmqLuSgF3u:wHL0S/zyt+M5OX/qtF3u
Static task
static1
Behavioral task
behavioral1
Sample
document_133_invoice#PDF.msi
Resource
win7-20220812-en
Malware Config
Extracted
icedid
764376559
saintrefunda.com
Targets
Target
document_133_invoice#PDF.msi
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-