General
-
Target
reelwireless-document-11.10.doc
-
Size
1.3MB
-
Sample
221111-hjmkzabhfm
-
MD5
f02ec338d4d52b666ea5c99465586035
-
SHA1
afdeda15ed8cc46874a44bfad63a55c438db3bfe
-
SHA256
73d4b9459c060c12cb1c55a0fec2b14c1cc1f1a3a54a46c881195ea923da0280
-
SHA512
588e78e08500ab8c22d9c169e2384f263148936aa10fc3bfed7fd5790d89b681cbb6161a207dc1c21007bea2a6e303689c5af9f11aec91f6db5f794a0f5a207f
-
SSDEEP
24576:+SEM3HJByN63keT98TBa3qr6lzSAOCj3WxFVrCM84vAaD6cIIdp3OKY:LX7YGkeTWTBSqulzSA9erCMPYkeKY
Behavioral task
behavioral1
Sample
reelwireless-document-11.10.docm
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
reelwireless-document-11.10.docm
Resource
win10v2004-20220901-en
Malware Config
Extracted
icedid
1292139634
Extracted
icedid
1292139634
oiurkastarting.com
Targets
-
-
Target
reelwireless-document-11.10.doc
-
Size
1.3MB
-
MD5
f02ec338d4d52b666ea5c99465586035
-
SHA1
afdeda15ed8cc46874a44bfad63a55c438db3bfe
-
SHA256
73d4b9459c060c12cb1c55a0fec2b14c1cc1f1a3a54a46c881195ea923da0280
-
SHA512
588e78e08500ab8c22d9c169e2384f263148936aa10fc3bfed7fd5790d89b681cbb6161a207dc1c21007bea2a6e303689c5af9f11aec91f6db5f794a0f5a207f
-
SSDEEP
24576:+SEM3HJByN63keT98TBa3qr6lzSAOCj3WxFVrCM84vAaD6cIIdp3OKY:LX7YGkeTWTBSqulzSA9erCMPYkeKY
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-