General
-
Target
Setup_Win_16-12-2022_16-47-34.msi
-
Size
1.6MB
-
Sample
221216-wgaehsaa2y
-
MD5
392916da17e4ef4d8c88c778cf75db5a
-
SHA1
1996bc54416273a26bf938a713f9f35a5aae68a8
-
SHA256
e8b323a81faf2904459bb4a35bc8e2519850afc9f960ffd06a22f3e197185a9a
-
SHA512
4c554f32906b3ce50633628afac4a3984f8e5f4039f185d4d8d6d653aa35d6df2eae860d4a64a08e94c4cd4283d56e5118ab5447f2fa53b590ad1cde638b182d
-
SSDEEP
24576:7HL0HvwglMtNroES7S8asBci5cRMyBAUIqw5NOcH9iIDMNUEer0OVTm10ku2w:7r0YglMbr3SWpsWjRMMKIIDB/k
Static task
static1
Behavioral task
behavioral1
Sample
Setup_Win_16-12-2022_16-47-34.msi
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Setup_Win_16-12-2022_16-47-34.msi
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1228806356
klepdrafooip.com
Targets
-
-
Target
Setup_Win_16-12-2022_16-47-34.msi
-
Size
1.6MB
-
MD5
392916da17e4ef4d8c88c778cf75db5a
-
SHA1
1996bc54416273a26bf938a713f9f35a5aae68a8
-
SHA256
e8b323a81faf2904459bb4a35bc8e2519850afc9f960ffd06a22f3e197185a9a
-
SHA512
4c554f32906b3ce50633628afac4a3984f8e5f4039f185d4d8d6d653aa35d6df2eae860d4a64a08e94c4cd4283d56e5118ab5447f2fa53b590ad1cde638b182d
-
SSDEEP
24576:7HL0HvwglMtNroES7S8asBci5cRMyBAUIqw5NOcH9iIDMNUEer0OVTm10ku2w:7r0YglMbr3SWpsWjRMMKIIDB/k
Score10/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-