General
Target: Docs822.zip
Size: 390KB
Sample: 221214-ycdmgsdg7x
MD5: 18ea38f072df0b6a4d394c451a26a65f
SHA1: f50f446a0af79cfcfa421dcd4492d225755bab35
SHA256: 3402a2fc0b043e196115fa4bef0e85306955bd3a8e465bfb737a48df2b17d6f6
SHA512: 932090e8ba7265d268e2bd0175518b655f029310328a8472c755499cb37adf7a3039b14229657239a59900d23532a626d6e427df217d56dd4241fa127fa44b6a
SSDEEP: 12288:TWf80paH3YedO2neg7xPRRSzsxVIHN++pvkhWa5pX1:TWfmYedOIewRRSAItxkv1
Static task: static1
Behavioral task: behavioral1
Sample: Docs8/DatabaseNDA-14310.lnk
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: Docs8/DatabaseNDA-14310.lnk
Resource: win10v2004-20220812-en
Behavioral task: behavioral3
Sample: Docs8/desktop.dll
Resource: win7-20220812-en
Behavioral task: behavioral4
Sample: Docs8/desktop.dll
Resource: win10v2004-20220901-en
Malware Config
Extracted
icedid
2302411646
klepdrafooip.com
Targets
Target: Docs8/DatabaseNDA-14310.lNK
Size: 2KB
MD5: 91d36dfa00a703fa9ad73d1f6ef162f2
SHA1: be07eb64d13bd9b8be47210fec3361f5722bf13c
SHA256: 7a3367528cbebf26612a7b3c6db5e73ecc437b0f41564581eb6d35f739c10bc4
SHA512: 13c46b5996f3404a350cbea86d4258e3eb2970b344ba6f19e280fd2ae2c2613b66aba57c682072b34c40f102db2bac0bf80c60cc78699c4bb4ace0debcd1c2e4
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Target: Docs8/desktop.ini
Size: 970KB
MD5: 1bb0ca2e6ac4253b69917831f6e45c59
SHA1: 68de9388f5ad612078ee9698c3d09c20bd375f5e
SHA256: 591701e6e3ea61f8dfca07849668170ba5086b12022abd157dfb6d81f849e916
SHA512: f529b299b531348eefab420bb737e70873eaf543111d2ed535e3d4fc4d0e52b8b28186caf84bafa27aa5a3076a9f216581759fa69f15ae3ee5673768a9368871
SSDEEP: 12288:XfbX8ei68nEXe963zTnecHZ4ke7i2G1CnL180bn2ONRj1LEkuUkkSgXOcLUjqI9n:Pb8e1e96Pef7k0bNRjpB4dPURa0+
Score: 3/10