General
Target: Scan_Invoice_12-09#46.msi
Size: 824KB
Sample: 221212-w4bk4aeh5w
MD5: eb93a0d10c8b95407415ddbfdb98e1b9
SHA1: 74350debcdc7cfab67bcb612750fb4cb1f791649
SHA256: b1d89aa18cd6e5e8e007713b1f79ae72238e85211c19d403b02ace2eac464e67
SHA512: 046ce84e6e90885419a9a1974468f7565ea9aa21945bc8987212e175178c1ce5cd61253a8b34f517fafddb307d8264361a5794a673e2e78d56df3490b66b1dff
SSDEEP: 24576:HHL049mTn3Tp9Lol00aID/kJAHC+WPXoPcTPbgrQlRNKIg8gx:Hr04a3k00o+WPXoPcTPbgrQlRNKIg8g
Static task: static1

Behavioral task: behavioral1
Sample: Scan_Invoice_12-09#46.msi
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: Scan_Invoice_12-09#46.msi
Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
1178326404
broskabrwaf.com
Targets
Score: 10/10

Blocklisted process makes network request

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.