General
-
Target
illwriteitdoc09.26.doc
-
Size
865KB
-
Sample
220926-wmg2jsbfb4
-
MD5
119d9873a73ecf1bb09217add9f7993e
-
SHA1
d527335c5f23f183db3293f27cd4fce68d2f42cc
-
SHA256
16eb58ed162137bd71290883d35032cbe2f7d68fbfd3b95a9ba2f61a55112db1
-
SHA512
9cc7a9ebf6c5aad8f3d6ffb2a3aceecc1e2f31eb2619b1045b55c10cf6f85f24811b2e0ea075ee5897e1d07808384e5524189efb3ceec18a906ed6c6d78fca55
-
SSDEEP
12288:VgrSVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEeaG9kaRw+RWGgQ:VgeV2jUeQRI5wPN/NkARWGL
Behavioral task
behavioral1
Sample
illwriteitdoc09.26.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
illwriteitdoc09.26.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-