General
-
Target
INV_REF-1228_19.pdf
-
Size
94KB
-
Sample
230110-xt9wkshb99
-
MD5
d4bdd8c5f25264ba410907a6ceaa87c3
-
SHA1
06d21dcee23d6d2dd860ebb561a2d544b6769ba0
-
SHA256
55bfe56ed452f893a06292087001f06af403adb00bcd55d537ffa66c7f165e2b
-
SHA512
5fdc8a5f46ede4e25bb3dd72eed4bfe7ea9013a4b5bb49cc1a69128a540a904f0afc803446601fd7c928931824aa98e521ef1f3250cab51730d01c784afee788
-
SSDEEP
1536:KHrVruV5xV0HUW8imnHPNzTUqZiL+I1MiFFtSlzg3h/8k+jFNIypzERCzd1tnAnY:KLCr0HUDimnvNXHCFUlzkwEyYCzd1t8O
Behavioral task
behavioral1
Sample
INV_REF-1228_19.pdf
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
3247066813
whothitheka.com
Targets
-
Target
INV_REF-1228_19.pdf
-
Score
10/10
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Registers COM server for autorun
-
Sets file execution options in registry
-
Loads dropped DLL
-
Adds Run key to start application
-