General
-
Target
buyipc-document-09.28.doc
-
Size
866KB
-
Sample
220928-sdggwahdcj
-
MD5
7ebb1b1f88422f8c861d986df6a26aee
-
SHA1
fc1be107b21ab180a799df0402d5b4668e7fc3f2
-
SHA256
0296a52b9f9d974354ff716eed586ac71e2406611dc9013081846c90c05344c9
-
SHA512
963cff94f2f5a48fc51b5e540b1a9faac1964a7ae7ed42ff688e94e1cdbdbb25b3a59b436dfba80cd8343eee75a10ff636baf39ddcdb27b6d54b5ca2da9e4982
-
SSDEEP
12288:CiJtVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DESHNxkp/G7obR99d5Xi+:CiPV2jUeQRI5wPN/tHuGsd9Bi+
Behavioral task
behavioral1
Sample
buyipc-document-09.28.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
buyipc-document-09.28.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-