General
Target: Info.zip
Size: 43KB
Sample: 211202-vmvrzadgf7
MD5: 94afaf43eaba5546fa0a3080be483e9a
SHA1: 2dbda6657aca1b6f00d8fe50a29fa277fed75662
SHA256: c24b20ace41ccedd3e3fadd93317876f12dab84aa99820a054a07f609a826903
SHA512: b8240d437bf463e5742a0136596f8b4c78ceb5d3558b88a39ff253fd508f967c0128cb2861eb2d78e257444ec44adcce44ea974eb9b33aa0b5147cca2710d971
Static task: static1
Behavioral task: behavioral1
Sample: require_12.02.2021.doc
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: require_12.02.2021.doc
Resource: win10-en-20211104
Malware Config
Extracted
icedid
1892568649
normyils.com
Targets
Target: require_12.02.2021.doc
Size: 33KB
MD5: ea2a3a6ee2019332ec68976de398b745
SHA1: 94eac84bab3b429867d14ef38342f756cf8de6c6
SHA256: 2d56acca994825021827c79404d6670601063151a17367c4087002bbb83b26bf
SHA512: b258e55cecdb12161753f57936fe10325c89f22f0b0f8e982b0205e78dc9fd9afc9f1fc49844a8c08a019d922e3cce43321c300315a3b89e596134bf88ebdbd4
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file
Loads dropped DLL