General
-
Target
Scan_Invoice_12-09#33.msi
-
Size
824KB
-
Sample
221219-bal5hsha3s
-
MD5
2db446eeebd67710e1ec48a72ab7cf91
-
SHA1
9ec5d729e810087435b57accda5ad6438e63f56d
-
SHA256
bfa93bd0442ada6f5f8e8d4bb4edd7cffb90d150db138e7f58668f58a132e32a
-
SHA512
910b0f54a516da8a2ebdfbe79531cce9901d9c586ee40dd54254b11f54fbe121fa28b8ef4c59d898374e32eb94c07877a5bc0a4f3ac6694e5bc264ffa9b3d57d
-
SSDEEP
24576:PHL0R9mTn3Tp9LolK0aID/kJAHCaWPXoPcTPbgrQlRNKIg8gx:Pr0Ra3kK0oaWPXoPcTPbgrQlRNKIg8g
Static task
static1
Behavioral task
behavioral1
Sample
Scan_Invoice_12-09#33.msi
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Scan_Invoice_12-09#33.msi
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1178326404
broskabrwaf.com
Targets
-
-
Target
Scan_Invoice_12-09#33.msi
-
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-