General
Target: Request_1-10_INV_236.pdf
Size: 127KB
Sample: 230111-wgn8nsdf85
MD5: 97d0e8f68b3f57d9a30fc01bb56da4ed
SHA1: 6a7ed2bc017749e89ec78071140cf75d0cee47f9
SHA256: f12671f2c75f6775b37f4edb1f72bef6ead512102a9860be67cc0529971c72b4
SHA512: dd9fa6a1c854e420f99d28dd04f7c555003d75817fd00ab75bd331a9842a6d572d4f48a7d948e684b3c9b3414487c28222929bd5a1b4c9559da0eefc77ee1e62
SSDEEP: 3072:431i8aurDTSoWqSHuov0kPp+eLRwikxFmaOKaUaUMC/uByslS:vG3SoWHRcw+elamrQ3MC/uQslS
Behavioral task: behavioral1
Sample: Request_1-10_INV_236.pdf
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: Request_1-10_INV_236.pdf
Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
1421378695
ebothlips.com
Targets
Target: Request_1-10_INV_236.pdf
Score: 10/10
Blocklisted process makes network request
Executes dropped EXE
Registers COM server for autorun
Sets file execution options in registry
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.