General
-
Target
20221214_Standardnotes.zip
-
Size
418KB
-
Sample
221214-xcvqbsag52
-
MD5
c003fac9ee1edb90d56687f3858e3633
-
SHA1
e77dee32ffbbbb18de454efe7b7c4759d3a491c0
-
SHA256
9e2de7fec3ce00ba3a86fcc814d5a88f6d461a1cd2249a18a0156a09deaf2b4b
-
SHA512
6c372cd42146870f97bedc71d6eb1c25629451c00aa2d244e5c3d0cb4c1975512f9650328e474e6f536eae5fdb7a71c17a442c1ee31be070c03c464292b68357
-
SSDEEP
6144:dv4FV8kQqSkOfiJo3uuy1OYPsSjVQnVpP3FI6lvOpaBqpgpaZVCWKTmUz5XujUcE:dvxqB6TYPxBQnvPL6QqSpa7CHiUX
Static task
static1
Behavioral task
behavioral1
Sample
DatabaseNDA-14310.lnk
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
DatabaseNDA-14310.lnk
Resource
win10v2004-20221111-en
Behavioral task
behavioral3
Sample
desktop.dll
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
desktop.dll
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
2302411646
klepdrafooip.com
Targets
-
Target
DatabaseNDA-14310.lNK
-
Size
2KB
-
MD5
91d36dfa00a703fa9ad73d1f6ef162f2
-
SHA1
be07eb64d13bd9b8be47210fec3361f5722bf13c
-
SHA256
7a3367528cbebf26612a7b3c6db5e73ecc437b0f41564581eb6d35f739c10bc4
-
SHA512
13c46b5996f3404a350cbea86d4258e3eb2970b344ba6f19e280fd2ae2c2613b66aba57c682072b34c40f102db2bac0bf80c60cc78699c4bb4ace0debcd1c2e4
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Target
desktop.ini
-
Size
970KB
-
MD5
1bb0ca2e6ac4253b69917831f6e45c59
-
SHA1
68de9388f5ad612078ee9698c3d09c20bd375f5e
-
SHA256
591701e6e3ea61f8dfca07849668170ba5086b12022abd157dfb6d81f849e916
-
SHA512
f529b299b531348eefab420bb737e70873eaf543111d2ed535e3d4fc4d0e52b8b28186caf84bafa27aa5a3076a9f216581759fa69f15ae3ee5673768a9368871
-
SSDEEP
12288:XfbX8ei68nEXe963zTnecHZ4ke7i2G1CnL180bn2ONRj1LEkuUkkSgXOcLUjqI9n:Pb8e1e96Pef7k0bNRjpB4dPURa0+
Score
3/10