General
Target: naturahouse doc 09.26.2022.doc
Size: 866KB
Sample: 220926-v1eynsbea3
MD5: 90d96e06a7cd0bccdfe7dc2a65b67d45
SHA1: 43b3ddadebc58523f66031b89a7b80bdd5d71733
SHA256: 6d8a66cddd81c9d8ab0f017bd38f72e3dd65235989ed207670fdbc9427f45db1
SHA512: 5f7257535aaf4e351f9e5dda3dd2b7a2da2045652ba636cea099a3ca8adc4b5007c4508da902dff9cff6877117f213778164bcb3c3a02e9eef58dab40842b570
SSDEEP: 12288:nVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEQeKDDK2HiFg6htEMOoS:nV2jUeQRI5wPN/ffDKibMpS
Behavioral task
behavioral1
Sample: naturahouse doc 09.26.2022.docm
Resource: win7-20220901-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
Target: naturahouse doc 09.26.2022.doc
Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL