Extracted

• • Target

    legal agreement 12.21.doc

  • Size

    33KB

  • MD5

    97037060e74606a0a36e5fda75841896

  • SHA1

    ac171a67077f26946b694ba43969c6b23e83665d

  • SHA256

    fa85f7aa41e85611e0f0239f96643f48bdafeb620a40ab2bac9efa191fc5b810

  • SHA512

    924d052a2cbd0a9b7324645691f7a8f431131c7f701f8cefe81aa4ce82e96bd778438b3b601504ce8148d8a6a39dcebfe45249c439e22d5f3eb7788a81b90678

  Score

  10^/10

  icedid1892568649bankertrojan

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Loads dropped DLL

  behavioral1behavioral2