General
Target: kinvention document 12.23.2022.docm
Size: 1.3MB
Sample: 221224-wlv7saad27
MD5: 710d02bc14e7ae6fb9316daea70eb50f
SHA1: 43b2088237b35d6340cfcb7e5d9697f92a0a37c6
SHA256: 2d1d3f54664713db91efc22f0f4978aa472e69f20875caa7643647bfee411668
SHA512: 7e134a0943dd8eadb3c16f78f56362ba12a462d74d03ee13e0752f80f7321fa5817bee6ca6267a678efd15a2bcf6b42824c1c7fa2eebbca426b4caabec93d267
SSDEEP: 24576:/YpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDJG7EzqHm+BmcI:/YpJmgf3zliFpp6KqG+o
Behavioral task: behavioral1
Sample: kinvention document 12.23.2022.docm
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: kinvention document 12.23.2022.docm
Resource: win10v2004-20220901-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL