General
-
Target
f9938f14df5d7889b1dfd3af2d529ceadf1017aa2f83337dad71ee67379d9a3d.doc
-
Size
867KB
-
Sample
220926-w3s4rabfe6
-
MD5
85b189afdff301d576b49983c6114edf
-
SHA1
1c21f0e116869c2e336038141997b65d5c4497db
-
SHA256
f9938f14df5d7889b1dfd3af2d529ceadf1017aa2f83337dad71ee67379d9a3d
-
SHA512
86edc18aa037e62c579b62c69c9245fc9085eee8cbd31e9c40e5bc16902776bd052cf69693724fd7eb5a366117fb7ba6acad5531b2a8b60d6dd247b16df1a8aa
-
SSDEEP
12288:HkVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEEs9KH7oRe1GIaqUR:HkV2jUeQRI5wPN/c9cEk1y
Behavioral task
behavioral1
Sample
f9938f14df5d7889b1dfd3af2d529ceadf1017aa2f83337dad71ee67379d9a3d.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-