General
Target: decree-05.21.doc
Size: 46KB
Sample: 210510-apzkxnmgjn
MD5: a89a3cdac33a36c9f037e010f3dd1115
SHA1: 626ea2da9d99102357c57138ff0d2386b2b683f4
SHA256: 234a873c451f9f45b9bf3ba67903897ba6ad4ea7571f5aec42358fe0ffe7f20e
SHA512: b0e5a684eb60e580c6a48a890a5879d907cb7dffce7fa91b3eaae59619efd10e2abd2410c5267f0e19757c343755dd9bfb71c2add1e2a1744852495da41d7154
Static task: static1
Behavioral task: behavioral1 (Sample: decree-05.21.doc, Resource: win7v20210408)
Behavioral task: behavioral2 (Sample: decree-05.21.doc, Resource: win10v20210410)
Malware Config
Extracted
icedid
2975399169
dupperawergo.top
Targets
Target: decree-05.21.doc
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file
Loads dropped DLL