General

  • Target

    65dc9f50ea56438fb056a7d5c6a3f0d60f746562a41cb036ce2e34de44039de2

  • Size

    1.6MB

  • MD5

    d36553fb4c3261800b5a06107a15b3bf

  • SHA1

    ba0194ead229fa5ee156112f9754f3ae6b9498d4

  • SHA256

    65dc9f50ea56438fb056a7d5c6a3f0d60f746562a41cb036ce2e34de44039de2

  • SHA512

    813925a5fbc4337526607592d9c8e97e24cafc26576ad7a1bfef7b8b0255418c50022270a102304be3b878233a7714408ed316785ef1d63ffe7e78383eadc8e9

  • SSDEEP

    49152:463ft6vjuNVJMl5+BNa9OaCyHo9pBZ6A/P1bdbN:4u6juNVJMl5+BN6FCDbBZ6A/PDR

Score
8/10

Malware Config

Signatures

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 65dc9f50ea56438fb056a7d5c6a3f0d60f746562a41cb036ce2e34de44039de2 (.zip)

    Password: infected

  • 2021-04-30-IcedID-malware-list.txt
  • 2021-04-30-fake-gzip-binary-from-desazasilkor.top.bin (.gz)
  • 2021-04-30-infection-traffic-screenshot.jpg (.jpg)
  • 2021-04-30-scheduled-task-for-icedID.txt
  • adjure.04.30.2021.doc (.docm .doc office2007)

    ThisDocument

    UserForm1

    lenLoadOption

    mainTextboxException

    countDataCounter

  • jaazci2.dll (.dll windows:6 windows x64 arch:x64)

    cfa8dd488fd4044f7dbcc5838881a33c


  • leftTitleRepo.jpg (.dll regsvr32 windows:6 windows x64 arch:x64)

    cfa8dd488fd4044f7dbcc5838881a33c


  • license.dat