General
-
Target
infowest,doc,09.26.22.doc
-
Size
866KB
-
Sample
220926-wmgqsabfb3
-
MD5
ad46c3a3740500f1725120c865fb23ef
-
SHA1
2928070f0b1b84749fdd07f61f04f906fdf25807
-
SHA256
994afac3be849124810bf5eac058baf805cee4fb17d9f1d74f48d645f456911e
-
SHA512
181883980403243464584fbda096d0d7f3f7b9765592f286dc42f0b07445c06612e89eb7bec8febf9f6f8a7f38509bd2e6cca6ad5a836eb3107e657a26c83961
-
SSDEEP
12288:IVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DElZIYn73jx2xbibdOgv:IV2jUeQRI5wPN/CZIW3t2xOROgv
Behavioral task
behavioral1
Sample
infowest,doc,09.26.22.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-