General

Target: 12102023_1138_Readme[2023.10.11_08-07].zip
Size: 357KB
Sample: 231012-d6xbgafa48
MD5: 24701208c439b00a43908ae39bbf7de8
SHA1: 25ef7044cdf9b7c17253625a2bd5d2d6fee44227
SHA256: 3336bfde9b6b8ef05f1d704d247a1a8fd0641afaecc6a71f5cfa861234c4317b
SHA512: 9a19607d4f9fe163b0a6b99e8f45023c42a91b8c99ad5cb57c5960fb2e4a83391b102b0feb9ceefe472631e4dd25fc278e6212c83b551bf614c5db871a400c88
SSDEEP: 6144:DN2hZYThSeVuMaZi3B8z3x2ndfCFxILY1m5NRQN/mlIX1KBrIcRA0A1Bm6+ZrW+h:DAhEhSe4MaZbzxOCnILz5UlK+cRALuhH

Static task: static1
Behavioral task: behavioral1
Sample: Document[2023.10.11_08-07].vbs
Resource: win7-20230831-en

Malware Config
Extracted
icedid
361893872

Targets

Target: Document[2023.10.11_08-07].vbs
Size: 1012KB
MD5: 4ff5625e6bd063811ec393b315d2c714
SHA1: 42b188e2e015a72accc50fcbde2d2c81f5258d0b
SHA256: 5bab2bc0843f9d5124b39f80e12ad6d1f02416b0340d7cfec8cf7b14cd4385bf
SHA512: f74317199b5c4a45750e1b1e2a4216b51fb8f68dc9634638fa14ebd2c5d32f70d5f0f0172d587c5ab669d0a75e198063e3613a8070d3a8f3d7391d4f406d6053
SSDEEP: 6144:ahBT1O3Ok0FID+bbGALk9kJmtZYvz20FAyEJdHLyhS3Vdhka8rccTXCOQS7YPWGc:RALgObHuyozlr5VZl5h1NY

Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL