General
-
Target
sigecom,document,11.10.2022.doc
-
Size
1.3MB
-
Sample
221111-g4b5asbgbq
-
MD5
969b853ec465e25e6a9de2ca0498d7fd
-
SHA1
5f897e52ef42c14b8b86e4a356a268fa4e5d3c44
-
SHA256
9742374407caa0aa213d4c447a94faab8011e1273bc97929d9678eaf172c62ef
-
SHA512
e6632d3cff55fd998e970b5b984a3c4e5e9afac3ead2c615e1a4ffff93464b74132dd814be904fe0c481e9e85f69411cc4a00827e6bdfac73731545eb82fe344
-
SSDEEP
24576:D7M3HJByN63keT98TBa3qr6lzSAOCj3WxFVrCM84vAaD6cYA:kX7YGkeTWTBSqulzSA9erCMPYw
Behavioral task
behavioral1
Sample
sigecom,document,11.10.2022.docm
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
sigecom,document,11.10.2022.docm
Resource
win10v2004-20220901-en
Malware Config
Extracted
icedid
1292139634
oiurkastarting.com
Targets
Target
sigecom,document,11.10.2022.doc
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-