General
-
Target
irvineonline-invoice-09.26.doc
-
Size
866KB
-
Sample
220926-v8ac6acfdj
-
MD5
319cfa12370a523d83f9c30a3e048e96
-
SHA1
32f8aba73cbd8bdadf5cffb69ba164c99cec319e
-
SHA256
242da7effd209f9d7c0f497b508b4f5c4ea0802c1ad45028bcaf088dc721ab4e
-
SHA512
a264abdb00652b7be8f9d2c400e7917d7c7a7a0092a515c96f62ccce7eab2f583fbef1045ffbd1399f6fbd40cc1decd1a0c77538bb1b374ec2e21fd5904ce339
-
SSDEEP
12288:3sHVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEPmnjPvxzxzFZjFPa:aV2jUeQRI5wPN/CmjPZHPa
Behavioral task
behavioral1
Sample
irvineonline-invoice-09.26.docm
Resource
win7-20220901-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
irvineonline-invoice-09.26.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-