MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 15a77fd313dbdd0982a838fc2359ae6d480b1dc7bc824566818e54e40c1b46fc. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


IcedID


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 15a77fd313dbdd0982a838fc2359ae6d480b1dc7bc824566818e54e40c1b46fc
SHA3-384 hash: 01b682ef35c5be002b3d93005147d9a90748d04f2e22ceaae9a03bddfb85395df5625606dca14347705f0c38e00d8f2b
SHA1 hash: ab29e827dca7be597a68575cb86804120d808cca
MD5 hash: 3bc370a9716a584ee96ccd55cad5514f
humanhash: alanine-grey-mars-batman
File name:Invoice#10-12_document_100.zip
Download: download sample
Signature IcedID
Create hunting rule
File size:45'116 bytes
First seen:2022-10-12 15:13:07 UTC
Last seen:Never
File type: zip
MIME type:application/zip
Note:This file is a password protected archive. The password is: doc794
ssdeep 768:7/dUgNfmWpLHeKj2TgI29YuRGujaPykH68FTYCfFKFsw62IzwQ9cgOa:7agdm4ezkaJujaPyAVFWAzr9cgOa
TLSH T11F13F159CF924239C194323F4B9918446AC8FED4EF732AABB7249074BC95678FCA35C4
TrID 80.0% (.ZIP) ZIP compressed archive (4000/1)
20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter k3dg3___
Tags:553916081 IcedID pw doc794 zip


Avatar
k3dg3
C2: alicenegord.com
Project ID: 553916081

Intelligence

File Origin
# of uploads :
1
# of downloads :
200
Origin country :
n/a
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:Invoice#10-12_document_100.iso
File size:1'572'864 bytes
SHA256 hash: 939dd202fab76c443f7ef930b96790109a0ef67d4b390919c4b3fc0f9621bbd7
MD5 hash: 1ed77fd1a73ab5ebbbf6c1a1fbde9d44
MIME type:application/octet-stream
Signature IcedID
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.GenericKD.62714241.19803.15602.UNOFFICIAL
Create hunting rule

Gathering data
Result
Verdict:
MALICIOUS
Link:
https://labs.inquest.net/dfi/sha256/15a77fd313dbdd0982a838fc2359ae6d480b1dc7bc824566818e54e40c1b46fc
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/15a77fd313dbdd0982a838fc2359ae6d480b1dc7bc824566818e54e40c1b46fc/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=cwtx7uyt3poqtavihd6cgwnonveawhohxsbekzubrzkoida3i36a._file
Gathering data
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/15a77fd313dbdd0982a838fc2359ae6d480b1dc7bc824566818e54e40c1b46fc

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

IcedID

zip 15a77fd313dbdd0982a838fc2359ae6d480b1dc7bc824566818e54e40c1b46fc

(this sample)

e94bdfc978578174ce3771a551de1fec7a3579a95fe68c2c85cf560159163268

  
Dropping
SHA256 e94bdfc978578174ce3771a551de1fec7a3579a95fe68c2c85cf560159163268
  
Delivery method
Distributed via e-mail attachment

Comments