General
Target: Document.vbs
Size: 2.5MB
Sample: 231018-s4cavaff7t
MD5: c8149f4e259f12c0d814b3d67a95aac6
SHA1: 1f652ce82610c6e4f395f0a7c35ed49c4eb4c202
SHA256: e207cc2dcc198d59a3f9f48160227854c540888fae7f086a9c50338babb5f8e9
SHA512: b7f93b16c3a4e8aee5b02dffd108486c4feb71fca3578592280e3cd5edf4cf0d337830f7da5a6501920e2ffe4e2a7e4cf636a981f6df6f7dca135c1e5eb31fcf
SSDEEP: 24576:Wb8nJeOGHIhJrLEEYul9lh3QKv2WGE5nvEVzDtIEepxE5Azkd4ZJ8RaFTZeuFpzH:Luwj5L40fLMn5olhTbK8x

Static task: static1

Behavioral task: behavioral1
Sample: Document.vbs
Resource: win7-20230831-en
Malware Config
Extracted
icedid
361893872
Targets
Target
Document.vbs
Blocklisted process makes network request

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL