General
-
Target
inquiry 05.04.21.doc
-
Size
75KB
-
Sample
210504-5k4pbgb2hx
-
MD5
dfd6f590849c9285651b84bc3cab8a59
-
SHA1
fc348772b475664982cd1d92e42e6933ab793e0d
-
SHA256
eb9f9a2ce8bb43b5105a45b8b02b805d237d863edeae7c6cbd382750079d157e
-
SHA512
0923120d0bb272fa0eb2413d87ddc0842754b8e5dbe7a57000a994494409ae94db21e20e9c1b2bb6d412bda050202a8cb3f52f2cca746b4d6d6e216431c93db6
Static task
static1
Behavioral task
behavioral1
Sample
inquiry 05.04.21.doc
Resource
win7v20210410
Behavioral task
behavioral2
Sample
inquiry 05.04.21.doc
Resource
win10v20210408
Malware Config
Extracted
icedid
3042509645
barcafokliresd.top
Targets
Target
inquiry 05.04.21.doc
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-