General
-
Target
files 12.17.2020.doc
-
Size
59KB
-
Sample
201217-e3jfbv25te
-
MD5
2a631559ef534a0d256692408ab51bcf
-
SHA1
3d3e0e6d1daa2fa91ac2c4b7cb3c98cbfd4913f7
-
SHA256
f22d8e42dffd3328fd01c0eb8ad2a8872d8cb104f0be67f1bcf37e3b1b29c382
-
SHA512
3546fa4229e55d0201d744f751bd9c53b18a5c51f45704e7a5056857493098d5c3b95f4e4236442289c4b240fed61ae76318aa91f1b0b8739512cb921a8f39c9
Malware Config
Targets
-
-
Target
files 12.17.2020.doc
-
Size
59KB
-
MD5
2a631559ef534a0d256692408ab51bcf
-
SHA1
3d3e0e6d1daa2fa91ac2c4b7cb3c98cbfd4913f7
-
SHA256
f22d8e42dffd3328fd01c0eb8ad2a8872d8cb104f0be67f1bcf37e3b1b29c382
-
SHA512
3546fa4229e55d0201d744f751bd9c53b18a5c51f45704e7a5056857493098d5c3b95f4e4236442289c4b240fed61ae76318aa91f1b0b8739512cb921a8f39c9
Score10/10-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-