General
Target
greenflashproductionsound-file-12.23.2022.doc.docm
Size
1.3MB
Sample
221224-wlwtbade6z
MD5
05b491c991cc4374caba0454d402b864
SHA1
b298e08f15f70d42267992b5827dc36a0521cb83
SHA256
b075a39ce88b3ef6ba75a342aae4abbbcacb9a369f52c7406e0a1e466ed112d5
SHA512
2281408c624c0e2e1cb772e312c0a614921d3c7fedb6919f47886c1f0f7b145a159af97802651b5497a8dfb1de568b5d7d85c4d05363453dc7a9bdb3b84650eb
SSDEEP
24576:/bpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDFG7EzqHm+Bmcd:/bpJmgf3zliFppuKqG+9
Behavioral task
behavioral1
Sample
greenflashproductionsound-file-12.23.2022.doc.docm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
greenflashproductionsound-file-12.23.2022.doc.docm
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1212497363
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target
greenflashproductionsound-file-12.23.2022.doc.docm
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL