Extracted

• • Target

    23b972352d2f4bf01185c1bf5b40679b0ed16fcc09820824885c09de9c2f5a42.docm

  • Size

    1.3MB

  • MD5

    779fce8225885de9744b8578bd046bcc

  • SHA1

    172c8190afe0bc34b8c9b779d680d212b2d3ea1e

  • SHA256

    23b972352d2f4bf01185c1bf5b40679b0ed16fcc09820824885c09de9c2f5a42

  • SHA512

    299b0a7b9eab09601b7e288e7896eae084aac5184c7acb39012ed76a5b2cf56e64794999a3d57139acf14ba273b63501784dfa8bc08568a0571294c59d4a1f9e

  • SSDEEP

    24576:/9aopJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDjG7EzqHm+Bmcq:/LpJmgf3zliFpp4KqG+K

  Score

  10^/10

  icedid1212497363bankerloadertrojan

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • Blocklisted process makes network request

  • Loads dropped DLL

  behavioral1behavioral2