General
-
Target
iw doc 12.23.22.docm
-
Size
1.3MB
-
Sample
221224-wlwhjsde6x
-
MD5
da3d50b5b2b517ac2af4bae580b37096
-
SHA1
b19959934823793936ede475478f6e2bc7d66e1f
-
SHA256
a53e7243b0789a1b6dc0ccbabe64380ed6e1410d1e3f51ce6a9e383c0721bce8
-
SHA512
c70ca2a82e6df924dfdab8a70dda9df898408c4ee7a25e5ca83a48ccb6830456ca6f1dd656a05884421e8cc8c00c9f083a39b1efc4c6eca2c1225269d97ca026
-
SSDEEP
24576:/uDpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDEG7EzqHm+Bmch:/KpJmgf3zliFpp3KqG+B
Behavioral task
behavioral1
Sample
iw doc 12.23.22.docm
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
iw doc 12.23.22.docm
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
1212497363
Extracted
icedid
1212497363
trbiriumpa.com
Targets
-
-
Target
iw doc 12.23.22.docm
-
Size
1.3MB
-
MD5
da3d50b5b2b517ac2af4bae580b37096
-
SHA1
b19959934823793936ede475478f6e2bc7d66e1f
-
SHA256
a53e7243b0789a1b6dc0ccbabe64380ed6e1410d1e3f51ce6a9e383c0721bce8
-
SHA512
c70ca2a82e6df924dfdab8a70dda9df898408c4ee7a25e5ca83a48ccb6830456ca6f1dd656a05884421e8cc8c00c9f083a39b1efc4c6eca2c1225269d97ca026
-
SSDEEP
24576:/uDpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDEG7EzqHm+Bmch:/KpJmgf3zliFpp3KqG+B
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-