General
Target: overlandchurchofchrist.document.11.11.2022.do.doc
Size: 1.3MB
Sample: 221111-hmg5nabhhq
MD5: f1cdcb9d58995e2925d2d9673f37401f
SHA1: 5980eda8d8e9c8fc14738d150b21941fb5f02d09
SHA256: 335a449fcacab5ef6951073d95f914e374d729c1dd6a6f71f96316714a73596a
SHA512: 30c657fdaf73e7fd464fd8cb5b266f6413d285eaa0a355157bc8d3ae3ecb3b2ef3d776e05a1b19273c6ec57ab3aae4f1e5de8af26a4c0c2c3b6d0f0c23d077ac
SSDEEP: 24576:M5RM3HJByN63keT98TBa3qr6lzSAOCj3WxFVrCM84vAaD6cZim:JX7YGkeTWTBSqulzSA9erCMPYep
Behavioral task: behavioral1
Sample: overlandchurchofchrist.document.11.11.2022.do.docm
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: overlandchurchofchrist.document.11.11.2022.do.docm
Resource: win10v2004-20220901-en
Malware Config
Extracted
icedid
1292139634
oiurkastarting.com
Targets
Score: 10/10
Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL