General
-
Target
ncsforallinvoice09.26.2022.doc
-
Size
866KB
-
Sample
220926-v7p28abeb8
-
MD5
88cc02f7d1dbe75e22c8c7eddb01f5dd
-
SHA1
2dd7c4a231acf2b0a189038e3d3e4b86d28122fd
-
SHA256
4de986bc1d553823577929819c03ee508e911384119ebdb1f0d8cb190a7e381e
-
SHA512
258bec4d61a8079d15cd78028730ae96d0d2112e0b730034741075c6eae0ff364befb73b1219b5eb8e468d3a935d5ee5b691ca2e564d354c885cacd5f7342aae
-
SSDEEP
12288:OJVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEMsy69d/+CEz5w6hteci3:OJV2jUeQRI5wPN/tsyP15Xi3
Behavioral task
behavioral1
Sample
ncsforallinvoice09.26.2022.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
ncsforallinvoice09.26.2022.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-