General
-
Target
Setup_Win_16-12-2022_16-47-34.zip
-
Size
960KB
-
Sample
221216-wjg75saa3t
-
MD5
52d108c6b8943f2dc03b5c34bc7cd204
-
SHA1
0e492ea670a1efa45d742c7b1459966b29e3b6e8
-
SHA256
5d39b75eae07ccfe77968f0056eeb6feec2b124cd5d52327f4b162827beba604
-
SHA512
b93bc4bdf9cf1e14c9a59aaa6c60073119e4ad293d965995a1788e5e4599d92b69a6bea0bad0c85d8a748b888deb035750a8b5524f48c70ad6711c112c8516c8
-
SSDEEP
24576:wrDBZuUzIwElVntXzUi1JN2ZS/fOnV5i5ln6mVPl07ntxnJJ8mrWKn:wHB/z/ElVnBzBJN2ZS/aBIMzP8mCG
Static task
static1
Behavioral task
behavioral1
Sample
Setup_Win_16-12-2022_16-47-34.msi
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Setup_Win_16-12-2022_16-47-34.msi
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1228806356
klepdrafooip.com
Targets
-
Target
Setup_Win_16-12-2022_16-47-34.msi
-
Size
1.6MB
-
MD5
392916da17e4ef4d8c88c778cf75db5a
-
SHA1
1996bc54416273a26bf938a713f9f35a5aae68a8
-
SHA256
e8b323a81faf2904459bb4a35bc8e2519850afc9f960ffd06a22f3e197185a9a
-
SHA512
4c554f32906b3ce50633628afac4a3984f8e5f4039f185d4d8d6d653aa35d6df2eae860d4a64a08e94c4cd4283d56e5118ab5447f2fa53b590ad1cde638b182d
-
SSDEEP
24576:7HL0HvwglMtNroES7S8asBci5cRMyBAUIqw5NOcH9iIDMNUEer0OVTm10ku2w:7r0YglMbr3SWpsWjRMMKIIDB/k
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-