General
Target: specifics-05.06.2021.doc
Size: 79KB
Sample: 210507-v5aqfbf7r6
MD5: 8dcba9f16d2602c09ccc7bba8463357a
SHA1: e10dd38a0e372a1f5cd100e36926227ad54613ae
SHA256: 25368ee6e7d6c2f666080dcc0ec72dab4fb3c5d4756e41d7533d54611df5a485
SHA512: 6f55b1b5675d3389c018befa483988c73f2d91c0fe24679239a94bff46a63342d95f036042ad832d7ed07a7d2ce39684a6453ab994e2ede15ecd7a271a5f32b0
Static task: static1
Behavioral task: behavioral1
Sample: specifics-05.06.2021.doc
Resource: win7v20210410
Behavioral task: behavioral2
Sample: specifics-05.06.2021.doc
Resource: win10v20210408
Malware Config
Extracted
icedid
1436894865
zasertiokil.top
Targets
Target: specifics-05.06.2021.doc
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file
Loads dropped DLL