General
-
Target
mirafilmes file 09.26.22.doc
-
Size
865KB
-
Sample
220926-v1eynscfap
-
MD5
be8e99d469cb9571fd571166449f1b5f
-
SHA1
2430200d8e58876a05598f93fa7007f06c67675b
-
SHA256
26f492c47084b37acb68702cafda4256054eb8b07dbed4d215ea7844827efd4d
-
SHA512
4af1ef5d2238482915544be13196dd417b3e189ce7a0626b2483c0cf80ec0550559f5b4120f562344e6cfd2d44b8bf4802ca5e8a0d3f9db65e5f7f52ce5b516f
-
SSDEEP
12288:tcVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEwSHNxhp/G7obp9b6dGRn:SV2jUeQRI5wPN/HSHjGs19bTn
Behavioral task
behavioral1
Sample
mirafilmes file 09.26.22.docm
Resource
win7-20220901-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
mirafilmes file 09.26.22.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-