General
-
Target
Scan_Invoice_12-09#54.msi
-
Size
824KB
-
Sample
221209-z6w7csed35
-
MD5
7c0c7922a082101215c998a4ecf15481
-
SHA1
5543faef6b9261087bad28e3274addd9823682b5
-
SHA256
ea43a6d99b567d1dbc7339ff43e489ef22657fcd6bd9e36b69aea8b14fde8cd5
-
SHA512
d689a1f9973e9996075bf1e5db2fb4326caef004e55b4f0bddb197535c179eb2bddb420c5ee68b23c842a423a9475eff98bb3bf2962a665304dafc684d97a4a1
-
SSDEEP
24576:yHL009mTn3Tp9Lolu0aID/kJAHCcWPXoPcTPbgrQlRNKIg8gx:yr00a3ku0ocWPXoPcTPbgrQlRNKIg8g
Static task
static1
Behavioral task
behavioral1
Sample
Scan_Invoice_12-09#54.msi
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Scan_Invoice_12-09#54.msi
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
1178326404
broskabrwaf.com
Targets
-
-
Target
Scan_Invoice_12-09#54.msi
-
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-