General

  • Target

    sigecom,document,11.10.2022.doc

  • Size

    1.3MB

  • Sample

    221111-g4b5asbgbq

  • MD5

    969b853ec465e25e6a9de2ca0498d7fd

  • SHA1

    5f897e52ef42c14b8b86e4a356a268fa4e5d3c44

  • SHA256

    9742374407caa0aa213d4c447a94faab8011e1273bc97929d9678eaf172c62ef

  • SHA512

    e6632d3cff55fd998e970b5b984a3c4e5e9afac3ead2c615e1a4ffff93464b74132dd814be904fe0c481e9e85f69411cc4a00827e6bdfac73731545eb82fe344

  • SSDEEP

    24576:D7M3HJByN63keT98TBa3qr6lzSAOCj3WxFVrCM84vAaD6cYA:kX7YGkeTWTBSqulzSA9erCMPYw

Malware Config

Extracted

Family

icedid

Campaign

1292139634

Extracted

Family

icedid

Campaign

1292139634

C2

oiurkastarting.com

Targets

    • Target

      sigecom,document,11.10.2022.doc

    • Size

      1.3MB

    • MD5

      969b853ec465e25e6a9de2ca0498d7fd

    • SHA1

      5f897e52ef42c14b8b86e4a356a268fa4e5d3c44

    • SHA256

      9742374407caa0aa213d4c447a94faab8011e1273bc97929d9678eaf172c62ef

    • SHA512

      e6632d3cff55fd998e970b5b984a3c4e5e9afac3ead2c615e1a4ffff93464b74132dd814be904fe0c481e9e85f69411cc4a00827e6bdfac73731545eb82fe344

    • SSDEEP

      24576:D7M3HJByN63keT98TBa3qr6lzSAOCj3WxFVrCM84vAaD6cYA:kX7YGkeTWTBSqulzSA9erCMPYw

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6