General
-
Target
input.12.07.2020.doc
-
Size
74KB
-
Sample
201207-gyykhbsvms
-
MD5
20e0a37eb586f5c40506955ddd204651
-
SHA1
1a25ed0ec5c99efce29b06ad3f93ddadd9a49f74
-
SHA256
9f727b8bb2c30ceb1c8d60520588ca81353eb18ef40b0de2f8401b01029781a2
-
SHA512
5744cbd6979c2cf30bb0a4bd3c97af30292234e16a37b3ecd4f6a7168f026193ff81e662e626af6bb5e5a11e2a2824f5c8c7bf5178c78c37f949611cbffff4e3
Malware Config
Targets
-
-
Target
input.12.07.2020.doc
-
Size
74KB
-
MD5
20e0a37eb586f5c40506955ddd204651
-
SHA1
1a25ed0ec5c99efce29b06ad3f93ddadd9a49f74
-
SHA256
9f727b8bb2c30ceb1c8d60520588ca81353eb18ef40b0de2f8401b01029781a2
-
SHA512
5744cbd6979c2cf30bb0a4bd3c97af30292234e16a37b3ecd4f6a7168f026193ff81e662e626af6bb5e5a11e2a2824f5c8c7bf5178c78c37f949611cbffff4e3
Score10/10-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-