General
-
Target
ms-cubed document 09.26.2022.doc
-
Size
865KB
-
Sample
220926-vw2lwabdg8
-
MD5
05b14e14069d9fff62bf315cc8290d31
-
SHA1
a28d8b01a36233eb66ccb48b79349ccfc3b6e5ec
-
SHA256
f59f47970092e69c7fe1d8473dd57c3fd946eccd80b67ab1131a0c82c1aa025d
-
SHA512
3ff108cac7a2f9e4f259ef4b3638f2b07394a81a74407e4dc3cb180568e84af88b295d2f61fe009f7427e1bd211820c4377d60f53c829a1e963329cb5647678e
-
SSDEEP
12288:erVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DE8pcVU9gnDuZhF1:erV2jUeQRI5wPN/XcVZnqnF1
Behavioral task
behavioral1
Sample
ms-cubed document 09.26.2022.docm
Resource
win7-20220901-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-