General
Target: 2024-06-30_e711531569d2e446c3501c635b41e89c_icedid_magniber_sakula
Size: 22.3MB
Sample: 240630-dfzznssgpc
MD5: e711531569d2e446c3501c635b41e89c
SHA1: e414d12a763ac179385df2da92267946540a4cbb
SHA256: 57522c2c58604834f1f1e7236d63a375503a788b805a47df738ae3663388a4bb
SHA512: ce0f1b8a3618be5a63cf69d8cab54e1a9bb368a5952214cad2a71ed14acbd1d910a56c5c34465bf1eda92040ac61d459e64ba3e3ff1835bca5796b22ad583a5c
SSDEEP: 393216:sY9mGvCEJi1BEmEC0QuImhIKjWcgjB8IU7oKrZAQMu4G+56d0jSBufcOIlXESZ8K:sYsYCEJi1BEnvQu7vja8IDKrZMu4GwjA
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-30_e711531569d2e446c3501c635b41e89c_icedid_magniber_sakula.exe
Resource: win7-20240220-en
Malware Config
Targets
- Detect Blackmoon payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.