General
-
Target
chrisbryce document 09.28.22.doc
-
Size
866KB
-
Sample
220928-vbh9ssgeh7
-
MD5
39e9bea9c5ab21d972bb27115b4d4320
-
SHA1
3cbf53e5a1247a9db30c8f64bcfbc59c1d0b88fe
-
SHA256
7d58275a08f80b689b595cabd092d8466ab645db8de60b9cfde04b89738ff778
-
SHA512
e3e619ef73eb9cd88af95764fbdc4fca651a9d2618fbedeb0c5b5991f29a8762c291da27d04f785fb664962fc4ce2422cabaef58f49b332b220a4d52ae821272
-
SSDEEP
12288:GVE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DEO4gb9oeU9g4/PXSYqcMmB:GV2jUeQRI5wPN/5Zb9oeZKPXSYqcMmB
Behavioral task
behavioral1
Sample
chrisbryce document 09.28.22.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
742081363
scainznorka.com
Targets
-
-
Target
chrisbryce document 09.28.22.doc
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-