General
-
Target
2024-07-27_f5ea12474b1461fec0a6a88a3831062f_icedid_sakula
-
Size
22.7MB
-
Sample
240727-awtk2syane
-
MD5
f5ea12474b1461fec0a6a88a3831062f
-
SHA1
cfab2004544d5bbbd97123ac51f49a998cd61df4
-
SHA256
a8a3270b145e813fae09d59b0526235d37148eb53e2b44068c71cd4d28786f96
-
SHA512
2febd7b296488efdc83ccbe6a4a288f131e13842677d5f41c81a9546671e909c5e965a1c1742687ea7d7e924c04c9137797532ec8273b0dc5b88e61a7ff85528
-
SSDEEP
196608:ZEYpB1oNKPLCuSJlCuA5GLAlyFzG/ArV/fT/Tn82QDZE7N/Y:qQyNKPLCuS3CD/k1T7B7y
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-27_f5ea12474b1461fec0a6a88a3831062f_icedid_sakula.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
2024-07-27_f5ea12474b1461fec0a6a88a3831062f_icedid_sakula
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-