General
-
Target
laughingchickenfarm,doc,09.26.22.doc
-
Size
867KB
-
Sample
220926-x8yf4abha6
-
MD5
5de660dafdc6d7e701302c7d6f015b93
-
SHA1
b4c2328185b0ca336788bf853f4eb35c1d986bf8
-
SHA256
1965899f73d123cc4f4cd43f8678e3e98a60ef8b3d079e424619e06d58fd6824
-
SHA512
90baa061f60ad751c72cf5fe9b75a9d08c94e6916aae8a1c36b27d11f06645c615546069fb448b14b53044318ea0a1f75733fa83f25a34fe8aec2748dac06452
-
SSDEEP
12288:0WhVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEoxM/KD3XA4k:0WhV2jUeQRI5wPN/2KD3w4k
Behavioral task
behavioral1
Sample
laughingchickenfarm,doc,09.26.22.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
laughingchickenfarm,doc,09.26.22.doc
-
Size
867KB
-
MD5
5de660dafdc6d7e701302c7d6f015b93
-
SHA1
b4c2328185b0ca336788bf853f4eb35c1d986bf8
-
SHA256
1965899f73d123cc4f4cd43f8678e3e98a60ef8b3d079e424619e06d58fd6824
-
SHA512
90baa061f60ad751c72cf5fe9b75a9d08c94e6916aae8a1c36b27d11f06645c615546069fb448b14b53044318ea0a1f75733fa83f25a34fe8aec2748dac06452
-
SSDEEP
12288:0WhVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEoxM/KD3XA4k:0WhV2jUeQRI5wPN/2KD3w4k
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-