General
-
Target
JaffaCakes118_2878be41aaeedc0ee558e795eb571a68bfd955299a855e50c2a2da0c611a3f72
-
Size
344KB
-
Sample
241221-1klzya1jem
-
MD5
68e5a1ff87ce7cdc850e55526899e76f
-
SHA1
1bb4fe13f9d07f6e91e60cb4458b90db1d0faa40
-
SHA256
2878be41aaeedc0ee558e795eb571a68bfd955299a855e50c2a2da0c611a3f72
-
SHA512
f3428b8c309c5eb5716b0842a0bce4aacf3079a945f6146eff53d5335079ba5e5d632802ef62b079d15418e7d9a6720f766fd667c0c004c95ea5697c0923a346
-
SSDEEP
6144:isBaiLlIurxTbp4o8l4It2DelgQpB/lP3u21uZoXa8ZTiposUDFkPtigi976D+VZ:bwIIuxTbp4oTOgQpdlG21I89ipNc4sRp
Static task
static1
Behavioral task
behavioral1
Sample
core/cmd.bat
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
core/cmd.bat
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
core/lava_.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
core/lava_.dll
Resource
win10v2004-20241007-en
Malware Config
Extracted
icedid
1525646893
survoning.top
engivesci.top
kastfiron.top
oscanonamik.buzz
-
auth_var
14
-
url_path
/news/
Extracted
icedid
Targets
-
-
Target
core/cmd.bat
-
Size
185B
-
MD5
bac18ce4d5c2794b21ba4edbeb29b133
-
SHA1
f783b8dcb137890099d2fae754aa0685c3df027d
-
SHA256
251bc2dcfb073f229c16292b797dc08f89aa6aa91e32b44f5adb7466971e339a
-
SHA512
9b26df943e2781ee520e0f173c5f6a3dcff5c9a06200965ed16a51c666f79330a1b30282f73ce81d9ee5cb95465f986ada272207aec3b88cb6dbb99ed27ae8b3
-
Icedid family
-
-
-
Target
core/lava_.dat
-
Size
31KB
-
MD5
cbd6b1ec0c58c081d270a546a2e12526
-
SHA1
1061c9058f1b9feefc460aaf1364d010cd0e21f6
-
SHA256
98202a36294325c6c23d623ebcf4e2008cc2b8ff0cd8ae4a64f7e632569d05d3
-
SHA512
2c6be10e3afed0faf9083f25acef9568cfe14ee95b7c1ce8ee2b2bfc38cb3b8c069c216a223a425f2549f5d72e1eb4ed5e512589d3094b63b821002aa5b4ff0d
-
SSDEEP
384:gp+zb+B/pcNY3DVg27xxObguH1a+UdMBquiwHsu+H:gp+zidp0YDVgYxMguHZBqFwHsnH
Score
10/10
-
Icedid family
-