General
Target
477dc992c3bc3997a747f617ee1e4b779bb6363af2aa2c9fa0ab1586d4f2a26a.docm
Size
764KB
Sample
221203-bfe86aee6x
MD5
4598b258b84d842bd6b2969c37dbec63
SHA1
b8e3db1529c1fa63fa2a6e1b4199aa04dbbf5543
SHA256
477dc992c3bc3997a747f617ee1e4b779bb6363af2aa2c9fa0ab1586d4f2a26a
SHA512
09acbc8f743c0d211b542ce493caaf718ce0f9625186ac2428408c9d7c8955e4384ea1780f6910d0ec32619ddb5883aa6e8e41238d0ec1df179a91794592597a
SSDEEP
12288:/9a0X5VE9j2y+1JbeQbntrws6/GYzw6OFokpXfiiGef/DE8gNp3PRNKGh/Kr:/n5V2jUeQRI5wPN/5gNp3PRNKI/Kr
Behavioral task
behavioral1
Sample
477dc992c3bc3997a747f617ee1e4b779bb6363af2aa2c9fa0ab1586d4f2a26a.docm
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
477dc992c3bc3997a747f617ee1e4b779bb6363af2aa2c9fa0ab1586d4f2a26a.docm
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1313163077
oilcardirtoz.com
Targets
Target
477dc992c3bc3997a747f617ee1e4b779bb6363af2aa2c9fa0ab1586d4f2a26a.docm
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL