General
-
Target
alfordauto_file_09.28.doc
-
Size
865KB
-
Sample
220928-sdg4eahdcl
-
MD5
83403249d80c0b07d430a7cb9f6014e0
-
SHA1
b1315c971f5e2f60ec94720663a64dd7f15ba95d
-
SHA256
cccd5cabe6c297fe66bbf2db5d1c9f9d0afef3a2c6a09738b79ad066ae98e23b
-
SHA512
88a1ca8528d6afc2bcd8cac66ad86d51925b2d90341ab8428a65fde3ab1ec5d42165ca5f285f122e832ca9726cd070082021ade78c6abc1aef0dc5fdbbaa4273
-
SSDEEP
12288:xNXgVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEh0y8aR3skQymOxtUo:xNXgV2jUeQRI5wPN/jS//
Behavioral task
behavioral1
Sample
alfordauto_file_09.28.docm
Resource
win7-20220901-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-