General
-
Target
2024-10-17_ee7b4efe98eb1fac28a8bcb68c5e6d5c_eternalromance_icedid_mimikatz_qakbot
-
Size
8.8MB
-
Sample
241017-pvzs1a1elj
-
MD5
ee7b4efe98eb1fac28a8bcb68c5e6d5c
-
SHA1
6a930a36fe1f06302a505ae1a281280fcc18be24
-
SHA256
e145ac6a651c72bb03e5c6d0a6ae337de6267a32c874c92c0d31fbd46d28e137
-
SHA512
e551cfa338dafa1a30a50d5bd27d9d7bc404adc7cbea20ba59e7740e6660fedd647359a5403ae356d1f5bb84db894aa6461eb5cbb46e37733ae44d92a9a5bdb6
-
SSDEEP
98304:A+/mLsGZ6NBaEDvDgYm930k3OxsdOqy1zQ9PvJ6OAhQrK4m:qZYRm9kFsdLrZAV4m
Behavioral task
behavioral1
Sample
2024-10-17_ee7b4efe98eb1fac28a8bcb68c5e6d5c_eternalromance_icedid_mimikatz_qakbot.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
2024-10-17_ee7b4efe98eb1fac28a8bcb68c5e6d5c_eternalromance_icedid_mimikatz_qakbot
-
Size
8.8MB
-
MD5
ee7b4efe98eb1fac28a8bcb68c5e6d5c
-
SHA1
6a930a36fe1f06302a505ae1a281280fcc18be24
-
SHA256
e145ac6a651c72bb03e5c6d0a6ae337de6267a32c874c92c0d31fbd46d28e137
-
SHA512
e551cfa338dafa1a30a50d5bd27d9d7bc404adc7cbea20ba59e7740e6660fedd647359a5403ae356d1f5bb84db894aa6461eb5cbb46e37733ae44d92a9a5bdb6
-
SSDEEP
98304:A+/mLsGZ6NBaEDvDgYm930k3OxsdOqy1zQ9PvJ6OAhQrK4m:qZYRm9kFsdLrZAV4m
-
Detect Blackmoon payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-