General
-
Target
statistics 12.02.21.doc
-
Size
33KB
-
Sample
211202-rdvttscee7
-
MD5
d0c52ca636c75558a9960b9460f3bb7d
-
SHA1
892c54f1552e79b3b4194654b12d6294c95f0688
-
SHA256
25025b6b0a8ef05dbfe14c1bd171afc55ed723d135df3ae59abaa39fabc0ea10
-
SHA512
3e2a9bfd2a21e43a97818b8ddb033a1fb2fcd88a3aed6a490428369e7b5b2ca2f86beb034531a8dc9742de81492e25f198c55d3ec2526828b417b19511b9ab36
Static task
static1
Behavioral task
behavioral1
Sample
statistics 12.02.21.doc
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
statistics 12.02.21.doc
Resource
win10-en-20211104
Malware Config
Extracted
icedid
1892568649
normyils.com
Targets
-
-
Target
statistics 12.02.21.doc
-
Size
33KB
-
MD5
d0c52ca636c75558a9960b9460f3bb7d
-
SHA1
892c54f1552e79b3b4194654b12d6294c95f0688
-
SHA256
25025b6b0a8ef05dbfe14c1bd171afc55ed723d135df3ae59abaa39fabc0ea10
-
SHA512
3e2a9bfd2a21e43a97818b8ddb033a1fb2fcd88a3aed6a490428369e7b5b2ca2f86beb034531a8dc9742de81492e25f198c55d3ec2526828b417b19511b9ab36
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-