General
-
Target
musicinyourlife.invoice.09.26.22.doc
-
Size
866KB
-
Sample
220926-v1eynsbdh8
-
MD5
0470b1147379370ff7c2463506d24adf
-
SHA1
8e7dbdb5aada7ef2a6cb7af44c219b4a0d7d1a55
-
SHA256
828ba54cdeef23fac240726ae04f3768a35dc3c871c9eeaea685421916d872c1
-
SHA512
88109d49ed3cae7036e7662bd9249bbb45f711b6740a3a1d781ce63436c78972c70f297a91dac5b513ac758142df61aa0df5a1b15445a82e388338d80481e782
-
SSDEEP
12288:lMPVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEgpcYU9gJDumhFV:iV2jUeQRI5wPN/pcYZJqiFV
Behavioral task
behavioral1
Sample
musicinyourlife.invoice.09.26.22.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
Target
musicinyourlife.invoice.09.26.22.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-