General
Target
happypetsweymouth.co,doc,12.23.22.docm
Size
1.3MB
Sample
221224-wlxevade7v
MD5
4641a209abf345445c48a8444e384b42
SHA1
f3e93c658c38274ff92a5855a913e0d5c9798479
SHA256
cdeb995aa0014da04d86e84c40524ab2f45ce63ef7f3ce9fce04284e14faff2e
SHA512
dfa8532fa646d2e857da33d619466c5a4441c74b8f39e074b1a441aac6a20c5382af1b342d509993cff31ee8c850bb56d350823f9b9a980185d7f1938c348411
SSDEEP
24576:/bpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRD/G7EzqHm+Bmce:/bpJmgf3zliFppcKqG++
Behavioral task
behavioral1
Sample
happypetsweymouth.co,doc,12.23.22.docm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
happypetsweymouth.co,doc,12.23.22.docm
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
1212497363
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target
happypetsweymouth.co,doc,12.23.22.docm
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL