General
Target: a0c113f796b71979bcddcadd256d5e9eae442b11fd8f27b2e0b05cc8245faa14
Size: 101KB
Sample: 230113-vtsk7aag75
MD5: ed18298b468d546ebdecb9a8d95fee6f
SHA1: a5bf82c852a49e53f7507c2e69ea7246ecb9c536
SHA256: a0c113f796b71979bcddcadd256d5e9eae442b11fd8f27b2e0b05cc8245faa14
SHA512: 9ab10492c658ff1cf7e8c0de09f2838f74e6831972815d1736f538c26432cd0b13e8c0faf7dd705334d997ffefe3a31fe92ecb7ea6df935e0b6faab0ad813205
SSDEEP: 3072:md9m9S7xMY0/pq/555igIhfAvacObeeiatnZ:c49W5g0/JGhIvacgRtZ
Static task
static1

Behavioral task
behavioral1
Sample: Document_158_Copy_01-12/POV_Document_01-12.lnk
Resource: win7-20220901-en

Behavioral task
behavioral2
Sample: Document_158_Copy_01-12/POV_Document_01-12.lnk
Resource: win10v2004-20221111-en

Behavioral task
behavioral3
Sample: Document_158_Copy_01-12/badpitdewy/amppopecun.cmd
Resource: win7-20221111-en

Behavioral task
behavioral4
Sample: Document_158_Copy_01-12/badpitdewy/amppopecun.cmd
Resource: win10v2004-20220812-en

Behavioral task
behavioral5
Sample: Document_158_Copy_01-12/badpitdewy/revealing.dll
Resource: win7-20220901-en

Behavioral task
behavioral6
Sample: Document_158_Copy_01-12/badpitdewy/revealing.dll
Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
1387823457
allertmnemonkik.com
Targets

Target: Document_158_Copy_01-12/POV_Document_01-12.lnk
Size: 1KB
MD5: be3451f6c620e115eac1d6351f2424ec
SHA1: 46953a49fbf72118db891cbe512184ae5063c9b0
SHA256: c60e0ac814cf9e6b745be36c16d493f5eeda0a31e8463db4419f2bd8d9c081ee
SHA512: b29488f1bd7ade2021787f594fa3161460505a3771c155620a03d25e3946ed4c62e1aec2629449c4677f54829d615331b225759155e5e11dbf3dcb0d175c187e
Score: 10/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL

Target: Document_158_Copy_01-12/badpitdewy/amppopecun.cmd
Size: 1KB
MD5: 91d2a0696723da726696294213f36515
SHA1: 33d3ad0f394b7f30371985f627c6cece1f852e07
SHA256: 4285c0beaaaedff11a04e9ba98678d9bc906f8669fe5bee81ad98286dc2ff873
SHA512: 7f7b231a74fe7d7dd046f0cd903829f72354a4c72bdd2db224fcbef747ef34ce6436e4d038da25b663344c45cf3f0149536fa7f65a43fbcb6ce7fbe14767783c
Score: 1/10

Target: Document_158_Copy_01-12/badpitdewy/revealing.dat
Size: 189KB
MD5: c9f3dd6dddcd3beb7070d9f915219034
SHA1: c3f080523dc1b8c444742f372b9d212743b8a503
SHA256: 65281fe83e22bde20fa56079bebaea6fb353d1036be8073924fdf64cd9194984
SHA512: 41c4bc71788b5c48cdce3337f281c886c38cef0d139bdaa7d90250418df7582663ccc298c04b8e52c0d5f4da1ecd34fb82dd424aacc67d8559bfdc2e2caf160b
SSDEEP: 3072:ZO3mR80/ohURN3X3JKXvhuVQPSoPf1DgaibTVxC2QfRPNrNwmpPFo4:ZOWxohUrXoXvUkSo+aGTPwPNrhb
Score: 1/10