Errors
Reason
config extraction: IcedidFirstLoader: invalid PE COFF file signature of [48 14 46 244]
General
Target
1ceaa4b6735e54755f3d4ccc633936a96d120d6a18726c81f5caec4063418ed3.unknown
Size
24.8MB
MD5
a117d42515044929dc06b09ab86ea81f
SHA1
5c915c452fb04bb5fd003ca9ad69bfa43350e2b1
SHA256
1ceaa4b6735e54755f3d4ccc633936a96d120d6a18726c81f5caec4063418ed3
SHA512
c944d321c568e266bc95ac79628d70a8cd40471a9cfb47fedfb8ce30a7b94885bb4e01ce66a1c0dc20c481c99b15ca58e855db100fac7f11a483c5e77de9e734
SSDEEP
196608:phLEclFM/2z18QXRynO83D/e1ZP0vEa7zFqbv:pZEclFMezGQhsre1dk6
Malware Config
Signatures
888rat family
Android 888 RAT payload 1 IoCs
Processes:
resource: sample; yara_rule: family_888rat
Detected Mount Locker ransomware 1 IoCs
Processes:
resource: sample; yara_rule: RANSOM_mountlocker
EvilNum C# Component 1 IoCs
Processes:
resource: sample; yara_rule: evilnum_csharp
Evilnum family
Guloader family
Guloader payload 1 IoCs
Processes:
resource: sample; yara_rule: family_guloader
Mountlocker family
Snake Keylogger payload 1 IoCs
Processes:
resource: sample; yara_rule: family_snakekeylogger
Snakekeylogger family
Files
1ceaa4b6735e54755f3d4ccc633936a96d120d6a18726c81f5caec4063418ed3.unknown