General
-
Target
jenniferbrantley file 09.26.22.doc
-
Size
865KB
-
Sample
220926-wfrx6sbeg2
-
MD5
90bfaf210589f99fd00bc0b942870597
-
SHA1
2c520dd9f61b762e44ffccdf69b39a50a53e02d5
-
SHA256
c219777c4bdd8df4f3190678b777156b2f81f734f55376a627bedcb4b3daf3dc
-
SHA512
7e405c407cf9bdd3fe9e197fbb59c6da5c21c96cabfebc30e83fec3795fcc5c9e3e1817750ee0f411a22e080c216ae53f615dc61e4f853876c0e7c7cb88b6f06
-
SSDEEP
12288:JGVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEqFIkxQ+9GjT:sV2jUeQRI5wPN/JFIoYjT
Behavioral task
behavioral1
Sample
jenniferbrantley file 09.26.22.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
jenniferbrantley file 09.26.22.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-