General
Target: localnet file 09.26.22.doc
Size: 867KB
Sample: 220926-wj7g2acfhj
MD5: 140735529ff6a04e908c6d366d84ee23
SHA1: c6f819b74701d5600dfc9346fe309498a2b0fa78
SHA256: e32d11d7b62d509c8ada08864a4938bbf92e2b7a4f5cb93cf9a387daa20fcf5c
SHA512: 9599c67bc1a090715a021896b25c33ae0d789441d270ea303a7530caa352d4cefe7f7ed742e90e838391789efa76ec6a4f57efacafe53160a513b7af15dea688
SSDEEP: 12288:C+VE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEIWmu5GYMuuV+qe1GIaqXOg:rV2jUeQRI5wPN/Kmu54VV+X1xsNK
Behavioral task: behavioral1
Sample: localnet file 09.26.22.docm
Resource: win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
Target: localnet file 09.26.22.doc
Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL