General
-
Target
tongue.dat.zip
-
Size
726KB
-
Sample
230330-s2mzkaef9s
-
MD5
0160d1c5d3c4fd731b4094665a34a614
-
SHA1
4c36fa451d65fbb59e6cf3588955efd29dbd9587
-
SHA256
02e4d08f6b3a5bb50d2a9d072cfc4bdf772a18b6be26840e0bd80bf2c7aadbd6
-
SHA512
0a67c5e94ff1c365eeeb19b7b5081f1b69a6c2c93ff89de63b66fe388cb1b23708f280541d5399746cf8aa5014eab62299a539f2823b90c67cf0144e647b6459
-
SSDEEP
12288:hlP1w8z4zp/TlkBU9/TbrAFsLmaQ5TbNse2gy67iflXcckOZSPKeFIi638kr/MIb:V9ArlkWbrAMqThse2ge9XcckdPBOi631
Static task
static1
Behavioral task
behavioral1
Sample
run.bat
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
run.bat
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
tongue.dll
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
tongue.dll
Resource
win10v2004-20230220-en
Malware Config
Extracted
icedid
2941939166
neaachar.com
gyxplonto.com
-
auth_var
11
-
url_path
/news/
Targets
-
-
Target
run.bat
-
Size
51B
-
MD5
12fe58c575846da3818d55007ca93ccc
-
SHA1
ae26400e4e80576d654bdb805bc22dc01145b64e
-
SHA256
09105de99bf4654a5d3b30ff3fd60839e630f04e1d816303d93d83bae77ecf07
-
SHA512
d568928b3a38632f67768c13b25f1d3fd4f2300d4411892c9135ff5c58bf073c10cd6bebb8edb272248fc9f18daf270534bc87fa9932af53c5d75d1c36c3afa8
Score 10/10
-
-
Target
tongue.dat
-
Size
652KB
-
MD5
593798127b998f4c0c964993c4777f43
-
SHA1
abbc64497161a0d75a6da838690499a35f84905a
-
SHA256
5b4de15ef1c7d59e01a19d68eefe17c8675ae374747abf3954f58a75e72c47aa
-
SHA512
4090d8d2f3e93a40b670a2f2d315e063ee608c46d1cd28c4d420eb057fb5437e1ab73910ca1012e8f464743affc53f060c671e6f64a5a8da006b376d1d6322d6
-
SSDEEP
12288:YhjtdIswfXcLrxDrEjks0GJfmIdz2e5IyrmWVjh3Sj09QJlRik:YhjtdwulDYDBXp2AAkjh3ilRik
Score 3/10