General
-
Target
0cd4919a_by_Libranalysis
-
Size
76KB
-
Sample
210505-xn5gvqt7bx
-
MD5
0cd4919a4b60e0d941b865d1dc479e7f
-
SHA1
e89b0550749e2f36a4415dfa6c371429de096e06
-
SHA256
51f20415064147e3eeed504a3c53c5850150840896e91bdfc815cfafd2e5679c
-
SHA512
3c6ae61a68156b73185970716b9c9fd75ebe6f97cf1e8b5244ed73265c4a11433728af7bc6961ba87ca4502f92b9dbea8a9e1540953402797e19765f4134361d
Static task
static1
Behavioral task
behavioral1
Sample
0cd4919a_by_Libranalysis.doc
Resource
win7v20210408
Behavioral task
behavioral2
Sample
0cd4919a_by_Libranalysis.doc
Resource
win10v20210410
Malware Config
Extracted
icedid
1386562008
zasertiokil.top
Targets
Target
0cd4919a_by_Libranalysis
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-