General
-
Target
grupomidas,file,12.23.docm
-
Size
1.3MB
-
Sample
221224-wlv7saad29
-
MD5
baa0966b3cf54af493b2fe1186d65d48
-
SHA1
f003b0c3bec59255a80598cdcb870e60a46df404
-
SHA256
b549c1964d73074e2cc05000743ac6cdcbf6f82d1bf8b0a430beb4a368feab95
-
SHA512
cd45d649e7e6f76d74256df5ae7a14ba9418b877e4b565518cd7b8bdb19ed20a4acb5afa11a82167f224988b30df609af6b73c4a72156b57c33a99df3e33a0a3
-
SSDEEP
24576:/EpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDOG7EzqHm+Bmc0:/EpJmgf3zliFpp1KqG+U
Behavioral task
behavioral1
Sample
grupomidas,file,12.23.docm
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
grupomidas,file,12.23.docm
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-