General
-
Target
Invoice_7623_Dec9.html
-
Size
312KB
-
Sample
221212-r5prwsbe88
-
MD5
5ac46d13a442fd1a2f377626f169d99d
-
SHA1
0ad1699f1c58c364d060278e2dfa3b5797e27064
-
SHA256
54d97eb376e27b4060a72de0a95902381b9e0edda0b9ce485610dfeea7532dab
-
SHA512
e0c99d2d33a0c6f8182c2de2ae0a2ad1372a09215a1ba15ea543bcdd47f4baf982a367ed2907f6b5811c2ba92dfe72adad4840be559c9bd698c381904c3fa326
-
SSDEEP
6144:AW1KNFEyUEraG0MO8Q8YM1RZiXpEu3hgySem3N/DkSf3Yx1VJSxt+ooYurg:AqyRs/MV63hgyoAK3Yx3JSxcY1
Static task
static1
Behavioral task
behavioral1
Sample
Invoice_7623_Dec9.html
Resource
win10-20220812-en
Malware Config
Extracted
icedid
1268412609
ewgahskoot.com
Targets
Target
Invoice_7623_Dec9.html
-
Size
312KB
Score
10/10
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-