General
-
Target
xspedius,document,11.10.22.doc
-
Size
1.3MB
-
Sample
221111-24jjlacc78
-
MD5
be103615f75d0a68a86433f6853eb94b
-
SHA1
1e82c0bfee5c89eafe9e5212e0dc9d868031a3d2
-
SHA256
3ab0b570d30cae0109d7a68c6097963afd1b9815f3400ead6abae70128ec6590
-
SHA512
4f22a0652299fb40afe0fe4b0718864a568ba519d38ef93574fbaec78980abe6dd7be2cd59c7faf5ea55990a778d00c19cf50646326fe187b0b5252ccc566b08
-
SSDEEP
24576:xuqlM3HJByN63keT98TBa3qr6lzSAOCj3WxFVrCM84vAaD6cs+Sx:UX7YGkeTWTBSqulzSA9erCMPYXZ
Behavioral task
behavioral1
Sample
xspedius,document,11.10.22.docm
Resource
win10-20220901-en
Malware Config
Extracted
icedid
1292139634
oiurkastarting.com
Targets
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-