General
Target
Request_980387_March_16.js
Size
11KB
Sample
230316-wl4h6aee2v
MD5
f7620e8393de1892407a64fd6c4fb37e
SHA1
27a75e63ca29e149d206e2b7649355d4663af36e
SHA256
ef80d34f4f1f4ff1d809848a3dc59f489ba8321f7835ba63760c1a44c0869c6b
SHA512
989965670351d5104b5d60386b8624ddf95d8ad36400eed35e639c4561e7a558c42501cc346028c9c20a8538d286b6cfb21fd7840d9a7142719a7db756934fd0
SSDEEP
192:0uX4cOkYAxdB2sBIiRsJRhI21/CG/E25k2tc6aqhJfSjW9uavQcLtRyUlml8naKM:1pOsdB24hajhspN2ebqhtSqrLmamliM
Static task
static1
Behavioral task
behavioral1
Sample
Request_980387_March_16.js
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Request_980387_March_16.js
Resource
win10v2004-20230220-en
Malware Config
Extracted
http://aproshak.top/gatef1.php
Extracted
icedid
2171387498
avroralikhaem.com
Targets
Score
10/10
Blocklisted process makes network request
Downloads MZ/PE file
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL