General
-
Target
inil,doc,09.26.doc
-
Size
865KB
-
Sample
220926-wde6labee8
-
MD5
9e2ae5327c396e8458993a61203803e8
-
SHA1
a08881c570937a1267cc4ad0d8784ce9582b2353
-
SHA256
b86f5a1bfb1b69c4b4137d98a5c4ef46d9da5d75ea8748f52cd22758781d7369
-
SHA512
ad8be90983a2fc8cbf1e10aaf677bacc129d3982898987c3180bce23e8c15248e4f05ef0b488384768765928da0d4b8d625118df997fe227fb86b24bd1881607
-
SSDEEP
12288:144VE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEkFhhhJ3sJAib6Gv:i4V2jUeQRI5wPN/p1hJy/fv
Behavioral task
behavioral1
Sample
inil,doc,09.26.docm
Resource
win7-20220901-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
Target
inil,doc,09.26.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-