General
-
Target
lindenpartners file 09.26.2022.doc
-
Size
867KB
-
Sample
220926-v7prfscfcm
-
MD5
7f5e39b707edc013955af76c50bf34cf
-
SHA1
bfb0187b6fe8066779c6ded18dc199241235d7c7
-
SHA256
58f9be151a7edb6fab36fb7ca9dfdfcd9ebd257d4d30bac1d1042c0bdd1ef38c
-
SHA512
06e8fbd153ecabf8b2f4e2db4650e7e490ff2b20f6b8fec246542fdd1d8498882605f785f0c61560d2e2ee9af85101e7b11da6a7bffc18e7e608111d8e53d380
-
SSDEEP
12288:w4VE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEuM/rrljXXAKunP5GL:w4V2jUeQRI5wPN/grrlbwKua
Behavioral task
behavioral1
Sample
lindenpartners file 09.26.2022.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
lindenpartners file 09.26.2022.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-