General
-
Target
official paper.05.010.2021.doc
-
Size
46KB
-
Sample
210510-mmpxl2vpwa
-
MD5
c662f20f98afd7c950a9632223812ccd
-
SHA1
ab9f6927ad7ae8ad74c7ad4ada3e820893f946bf
-
SHA256
976a009ed5b0df798bf38b6c3d021abc70ba8a1f18a44b678ea5bc32e17edb0d
-
SHA512
835cfe60681e28051955cab6f2f6f1316ceb1f9e08634954e09ee07d3f3a44e11cc5efcb3bdd588005b1aee2250878ff7d9a300dc60899f388339ef29ba1f1d2
Malware Config
Extracted
icedid
2975399169
dupperawergo.top
Targets
-
-
Target
official paper.05.010.2021.doc
-
Size
46KB
-
MD5
c662f20f98afd7c950a9632223812ccd
-
SHA1
ab9f6927ad7ae8ad74c7ad4ada3e820893f946bf
-
SHA256
976a009ed5b0df798bf38b6c3d021abc70ba8a1f18a44b678ea5bc32e17edb0d
-
SHA512
835cfe60681e28051955cab6f2f6f1316ceb1f9e08634954e09ee07d3f3a44e11cc5efcb3bdd588005b1aee2250878ff7d9a300dc60899f388339ef29ba1f1d2
Score10/10-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-