General
-
Target
Document_61_Unpaid_-1-12.pdf
-
Size
108KB
-
Sample
230112-zncd8see5z
-
MD5
69fec563aa8bdfe9350f7c7534faec86
-
SHA1
8a09a79aa30a497ca812111293f896ca88e8aa32
-
SHA256
897941816861d957d6eacd2bcbb7b06fd48c9f73be02b72082a01a257c85f3f2
-
SHA512
dde5428609730781e9a7e30e973af161e261863a1e1f99c657fac3ae393f472f018bbdf37d764ee66b1f03e4ba86995d23a91b622b71a8c76d73e15266dc9c5a
-
SSDEEP
3072:x1F8+5dK2CVe3TlYaxd8DI07HkCqI+P5iX7El8:u6K2CUBYaxuDIuHkZoLEl8
Behavioral task
behavioral1
Sample
Document_61_Unpaid_-1-12.pdf
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
Document_61_Unpaid_-1-12.pdf
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
1387823457
Extracted
icedid
1387823457
allertmnemonkik.com
Targets
-
-
Target
Document_61_Unpaid_-1-12.pdf
-
Size
108KB
-
MD5
69fec563aa8bdfe9350f7c7534faec86
-
SHA1
8a09a79aa30a497ca812111293f896ca88e8aa32
-
SHA256
897941816861d957d6eacd2bcbb7b06fd48c9f73be02b72082a01a257c85f3f2
-
SHA512
dde5428609730781e9a7e30e973af161e261863a1e1f99c657fac3ae393f472f018bbdf37d764ee66b1f03e4ba86995d23a91b622b71a8c76d73e15266dc9c5a
-
SSDEEP
3072:x1F8+5dK2CVe3TlYaxd8DI07HkCqI+P5iX7El8:u6K2CUBYaxuDIuHkZoLEl8
Score10/10-
Blocklisted process makes network request
-
Executes dropped EXE
-
Registers COM server for autorun
-
Sets file execution options in registry
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-