General
-
Target
dodo-doc-12.23.docm
-
Size
1.3MB
-
Sample
221224-wlyb5sde8s
-
MD5
fccecb0deb25755fb7d60be2d42c7d24
-
SHA1
73b865be51b0577a83168ca76df125615d31b07a
-
SHA256
e85b452445ae19e8a458921c6e14d2c2697e003056f10ae49ab18b969f6aa821
-
SHA512
8a778b523f0a54ca0e0c6396e4d4471189bc1e0f69e84462a05b554d87a0a316d7c81991898b09dd5034571821b09267506e70eb55388c887915c64b04d2b315
-
SSDEEP
24576:/rlpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDNG7EzqHm+BmcW:/5pJmgf3zliFppmKqG+2
Behavioral task
behavioral1
Sample
dodo-doc-12.23.docm
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
dodo-doc-12.23.docm
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
-
-
Target
dodo-doc-12.23.docm
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-