General
Target: Scan_34258_INV.pdf
Size: 111KB
Sample: 230116-w79x3abb86
MD5: 7f29d2ee5c2f0420f7e086945fe6a45c
SHA1: 815ccc940ca35fa43751e55d698b6f3f3afa8d99
SHA256: 3a5491b70c66de97c835e8033d756761257947b934bcb6349fcd38175f184160
SHA512: 558b8fd224f5c89c1f2d22c796fa16ad3cf45e6b37ccdf8186adeaaee78c8936dbd940242f25c0ab25ffb6aa8a011c89fa403b4f7447ccc7ef894014387a8684
SSDEEP: 3072:bO+0kPS4/w4O2RSkx/XWEOOJ1nbR5aWYM:bFvwl2RS6OiRRKM
Behavioral task: behavioral1
Sample: Scan_34258_INV.pdf
Resource: win10-20220901-en
Behavioral task: behavioral2
Sample: Scan_34258_INV.pdf
Resource: win10v2004-20221111-en
Malware Config
Extracted
icedid
3074491541
dgormiugatox.com
Targets
Target: Scan_34258_INV.pdf
Score: 10/10
Blocklisted process makes network request
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.