Resubmissions
23-01-2023 10:28  230123-mht1waee7v  6
23-01-2023 10:16  230123-ma61gaee5w  10
23-01-2023 10:13  230123-l86xpach26  6
23-01-2023 10:09  230123-l626qacg98  6
22-01-2023 21:32  230122-1dp31sbg5s  10
22-01-2023 20:58  230122-zsbcqshg42  10
20-01-2023 15:06  230120-sg8qjaaf5y  3
20-01-2023 14:13  230120-rjfxvsbb37  3
General
Target: Paid_Offer_228_Jan-19.pdf
Size: 150KB
Sample: 230122-zsbcqshg42
MD5: 40d02739328a2b96cbbaec90a58137a0
SHA1: 9fbb76197b155edd7197095c78f49e58d0268de2
SHA256: 111871764f74f2de6f58ec30cb84682b68bab22b59f91660c81f06ab4cb306b6
SHA512: fc695cfc902dc2ec5585a7c1592d979c88f2dae40562898762511332d175d4372301f6b52d87bdf918dba1732e534b7836ddd8aa5749dc2d06b630ba176f5355
SSDEEP: 1536:rVTYjPXB7x4IzZwP236NntGB/HcDTIaxeMCcWXz+dqaxA1oPn6b9SBVxqntRZkBz:xkjfVl8Ntu/ATsMaDUysdivS1Ua9OS
Behavioral task: behavioral1
Sample: Paid_Offer_228_Jan-19.pdf
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: Paid_Offer_228_Jan-19.pdf
Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
3108046779
klayerziluska.com
Targets
Target: Paid_Offer_228_Jan-19.pdf
Drops file in Drivers directory
Executes dropped EXE
Sets service image path in registry
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.