General
Target
direct 05.04.2021.doc
Size
75KB
Sample
210504-ftn9wxvsge
MD5
a6851b431abd770ea66948e60b0b5e0d
SHA1
2b7f322a28f19a4d3e26b3ab1738f163a9185575
SHA256
80f5168c56293392745ef57fc6168cc588a1904a92b173edb3cf920e0d7e727c
SHA512
7180e3537a8dce36efd771afa3f1c10a982ab52644fbbd2647afd8ec1e8226f30fad0f8e7766ba041b8476d3ae4e79d340df59d196239918a4b29bbdabdc991f
Static task
static1
Behavioral task
behavioral1
Sample
direct 05.04.2021.doc
Resource
win7v20210408
Behavioral task
behavioral2
Sample
direct 05.04.2021.doc
Resource
win10v20210410
Malware Config
Extracted
icedid
3042509645
barcafokliresd.top
Targets
Target
direct 05.04.2021.doc
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file
Loads dropped DLL