General
-
Target
k-mpw document 09.26.22.doc
-
Size
865KB
-
Sample
220926-v3pwnacfbm
-
MD5
c35884ae9c17e0e8a3d92cbfaf1dd838
-
SHA1
323b683e1647ac929fc8bd6f36711f469817f25f
-
SHA256
4aed84df96bdbf16a4f5b4c2a195e9384b891b35328108aae8f3243a50e3dc25
-
SHA512
1023e57f4688f30c83c678222032df5c116d2856991bfb111c1ef7531dae84894f7dc864a2fa0560e294d866723f1553deca041065e89f524249877230ceba3e
-
SSDEEP
12288:UwVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEC0yuhh/S0cOxtUB:TV2jUeQRI5wPN/ah60Bs
Behavioral task
behavioral1
Sample
k-mpw document 09.26.22.docm
Resource
win7-20220901-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
k-mpw document 09.26.22.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-