General
Target: myfairpoint.invoice.09.26.22.doc
Size: 866KB
Sample: 220926-vwz32scfam
MD5: 609a963327903814b2f9406858fbbbca
SHA1: d405faa96e77d451084d76df58eae3b0c495a2b5
SHA256: 86905033625f22c13a09dbdf5332c31a1a853ca26a83dc4c5188708a5a035fff
SHA512: 4bf58448c00218036587376522593b7d5f6068831ba54f049a8fd9e23580d0619db2644527cc60c9b18d3f2a5dde13c451e8c5189ce94de109d9ba52d3d717b4
SSDEEP: 12288:vPX1VE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEhpcTJWKprlSM:nX1V2jUeQRI5wPN/McTFj
Behavioral task: behavioral1
Sample: myfairpoint.invoice.09.26.22.docm
Resource: win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

Loads dropped DLL