General
Target
Paid_Offer_37_Jan-19.pdf
Size
166KB
Sample
230120-v7wj1aba3y
MD5
fdddb4f1f070bc072ef6972b86191fc4
SHA1
fb014cfd210a9ce53e2aa123fe25c694bb96f08d
SHA256
1b63cda2ba8f337c1499611b4abdaf43e6c16d414415093d4974518e0b627e35
SHA512
af35d89cfa0f0de7e8e3f89ccaa21d216f3993c39ceeea080ecee2eb63aca65d650ce2694f98a996bbda145c84fee2a6920cc7f64fad3e678f195817d08e18de
SSDEEP
3072:Uc2IpqSgb3YANiHtz8MAkU3H/ZJzss1kwSEBnok8gdLSItwv4T:UepqSGnNiHd89kE3pkMBnuPoT
Behavioral task
behavioral1
Sample
Paid_Offer_37_Jan-19.pdf
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
Paid_Offer_37_Jan-19.pdf
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
3108046779
Extracted
icedid
3108046779
klayerziluska.com
Targets
Target
Paid_Offer_37_Jan-19.pdf
Score
10/10
Blocklisted process makes network request
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.