General
Target: gsiglass.doc.12.23.2022.docm
Size: 1.3MB
Sample: 221224-wlx2daad35
MD5: dbd525ba3dbafcf6d02cb60aeb73c9a1
SHA1: a949398ca6c88a011c328718e8cb9926c07682c5
SHA256: 33cd21ac3283931b01f413bd220098fa020a6f0b397a31a46182f380d828bf05
SHA512: 600ee6def80683a4be1670663adc3997fe4b8983b9886e7b9cada8aceddcb68303e28eaff2efdea9ef746dab6e6c57a2809386fdb4a2f98f7e105ff23651c421
SSDEEP: 24576:/MEZpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDJG7EzqHm+Bmc4:/MEZpJmgf3zliFpp6KqG+Y
Behavioral task: behavioral1
Sample: gsiglass.doc.12.23.2022.docm
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: gsiglass.doc.12.23.2022.docm
Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
1212497363
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target: gsiglass.doc.12.23.2022.docm
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

Loads dropped DLL