General
-
Target
Setup_Win_16-12-2022_16-44-02.msi
-
Size
1.6MB
-
Sample
221216-wtx2cafb98
-
MD5
3c73ad35ebf42f6a1d86ccc38c9064bf
-
SHA1
373b8c8703d210309dbf5c0e16273291cf178410
-
SHA256
eae56a04a2d97fa21725cdada3dbf537c299eb8fa86a71e186c92ac42194cfa6
-
SHA512
c92b5b7196197f84b457d8c23964612c907ae72bdeaf4489d95caee2b0c3c0216717905db0194827341922d19f7fb31531a8a7caf79ec6e603c6ea3040b6ff13
-
SSDEEP
24576:aHL0EvwglMtNroES7S8asBci5cRMyBAUIqw5NOcH9iIDMNUEer0OVTm10ku2w:ar03glMbr3SWpsWjRMMKIIDB/k
Static task
static1
Behavioral task
behavioral1
Sample
Setup_Win_16-12-2022_16-44-02.msi
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Setup_Win_16-12-2022_16-44-02.msi
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1228806356
klepdrafooip.com
Targets
Target
Setup_Win_16-12-2022_16-44-02.msi
-
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-