General
-
Target
mpbronko.file.09.26.2022.doc
-
Size
866KB
-
Sample
220926-w4bk4acgdr
-
MD5
4665978b0c385746634e837308b07830
-
SHA1
bb9457fa419c8970eafb857482f3ce6db12381bb
-
SHA256
58ce514c8b740fdfe115bc19d65ed5e2f8d0df045cdd4e5611ec213382a56e3b
-
SHA512
2d292549fe138387e67bce1d5ef092c18176a4f50f46341bb4f6b8979ed15327f2a3a1237f90084a73a9f9e44f2bb321b42e71be2398f701a0f8a0aaa0721452
-
SSDEEP
12288:70VE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DErLpcZJWWDuBhFg:gV2jUeQRI5wPN/w9cZzq/Fg
Behavioral task
behavioral1
Sample
mpbronko.file.09.26.2022.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
mpbronko.file.09.26.2022.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-