General
-
Target
k-wine-file-09.26.2022.doc
-
Size
865KB
-
Sample
220926-v9jm8abed2
-
MD5
17a3015e867d12c51fa96b6533dc91e3
-
SHA1
1151f6a40625cd9a3d3d79c09962759cb8810b51
-
SHA256
31a379b1373f69bea5ca9acdd5a908d787e3f6635ecf48a15f717e3ed7f30adc
-
SHA512
19fada135173012a3d39e70e17ad26c279a91bd2596d383816889643a995539ccc8ec7ae4b1d4100024ab2ea6a2e7e4d76da84e1f1267e958c861f1e1354d7d5
-
SSDEEP
12288:BW7SVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DE4oFJ1IR4H/kaGP85s:MuV2jUeQRI5wPN/tob1IRYcaM85s
Behavioral task
behavioral1
Sample
k-wine-file-09.26.2022.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-