General
-
Target
2024-06-20_30c9bffeef7c5598279030e7e5675547_icedid_magniber_sakula
-
Size
24.1MB
-
Sample
240620-qbav7syeqc
-
MD5
30c9bffeef7c5598279030e7e5675547
-
SHA1
ddc2de804fcb5d0a7f44ffc69993167d1914bb11
-
SHA256
6dda09e05bb1bed63f13b5d5d34fa8acae55e45ed25da06cf2ca1d20152fad2f
-
SHA512
74e9d923a5a8d8e1b231d35d4edb85fb3e6c0b11c79e79be59bd2a93bea8288099c58bfcabf9379f1fa754d16be85a5e6ba2aa0a3794c17c62591d4aba20bff7
-
SSDEEP
786432:Mci1BEnvQu7vja8IDKrZMu4GwjSB6QJekq/n5Bt5Q:McCu7v2jKrWuPwjq6ga5O
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-20_30c9bffeef7c5598279030e7e5675547_icedid_magniber_sakula.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
2024-06-20_30c9bffeef7c5598279030e7e5675547_icedid_magniber_sakula
-
Detect Blackmoon payload
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-