General
Target: kinizamail file 09.26.doc
Size: 867KB
Sample: 220926-wj81vscfhm
MD5: a9cf396b1f278af3191829b6c9710574
SHA1: 5af91f7058d68056d52a023963a15b7513c5917e
SHA256: 50a281a000cf9f1fe9223ea81ccc08a6768208358846a2d32b1399325a6c64dd
SHA512: 75085d2d06a9595baea22076fd9e658d547f8970d8eca9ad81a4ae4e1992035f967fb1076e2fd7183f58e7604ffb90d68b9eb9839066a30c8ea81a6e13ab9b3c
SSDEEP: 12288:+1obDVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DE/49umuVOkGnCy3PBtYE:XbDV2jUeQRI5wPN/M49umZDhiE
Behavioral task
behavioral1
Sample: kinizamail file 09.26.docm
Resource: win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
Target: kinizamail file 09.26.doc
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL