General
Target
NQYZ0148_7381068.zip
Size
357KB
Sample
231012-h8za3adg41
MD5
a2abd84a3bdbe3aa6e1428aa601b1ca1
SHA1
45ad34b4277bbd51b43bdf2129a8f51e607cec5c
SHA256
c0475248fc93771346e0e489a6d5f70956ed6fd2b03186e3a2e9ef1ae1ed2c4d
SHA512
f45659ca958b8f9401e41b2e4a8357f2295e3de1a82d51bf9aa03b1151c80652cbd97489cd99bd218c591cdf145f343829e9e4a1fef18f6d222d3d5a872aa3bf
SSDEEP
6144:TVLFrChc2qPrbdo9eQIcDcNwJo2vTuvAzd0j1HToGDu5voZvlAuU8:TVFmc5fu9vIUpvTuozd050kI+vv
Static task
static1
Behavioral task
behavioral1
Sample
Inquiry[2023.10.11_08-07].vbs
Resource
win7-20230831-en
Malware Config
Extracted
icedid
361893872
Targets
Target
Inquiry[2023.10.11_08-07].vbs
Size
1013KB
MD5
9505db4094a6259c6ce7ca9bf8a0ba4b
SHA1
669279efc9e0360be714d3d40c822365a7cfe01b
SHA256
18d5bf8f2243bd399d764379be5605519e54c54a4c2879fc8eb13dce395cc40d
SHA512
7d0642ade03a8c6d717d50404789272b1e70feca10bfbe806747628d1280189eaf22968f3733029381ae3c93af6328314433be49af75c3a5e6a9458b9bc47923
SSDEEP
6144:M+g92IHKoCcGnLrvsoQO6EXAccz4VnWE7NqxZoTMZ3QONBVG4kl/6BY5G1c/fP6w:zzXh6HekeTMZg40DzOxicJb9Uyt6
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL