General
Target
acclaimdi-doc-12.23.22.docm
Size
1.3MB
Sample
221224-wlxqlsad34
MD5
6b395162cb1adab40234d8a1aad61f59
SHA1
80a6d8c3c8e98946bdf94c0582442a295ca334cf
SHA256
61c0ce00f478266efdf81501a794c80def1806bd4641618844c424185ff35fc8
SHA512
3152828ac6564b180c0ea49b7b62c0f7fb56c43a6b8285fbf4c9a4ee4fd50d34757346913523653670984741668ea4502cb6b87f17f074a30ae22549c6b2231a
SSDEEP
24576:/00pJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDgG7EzqHm+BmcQ:/FpJmgf3zliFpprKqG+w
Behavioral task
behavioral1
Sample
acclaimdi-doc-12.23.22.docm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
acclaimdi-doc-12.23.22.docm
Resource
win10v2004-20220901-en
Malware Config
Extracted
icedid
1212497363
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target
acclaimdi-doc-12.23.22.docm
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL