General
Target: af24985e30034e84546c6579e42388e5.bin
Size: 1.3MB
Sample: 230116-1z4hjaab6x
MD5: d0484d90014f6f006e1a07605557bcec
SHA1: b939c861def09ff4a3c638c3fcf1bebe9ea7e49a
SHA256: a95e63133e4b721f71c0a7bccd57d76a3089c28b249ddf02e11b0de657f9ae15
SHA512: e72aa381b6005a7cf4e55db72bb5fe040eb8616fa250d6a85682f729f15faf92710353aafebf14f54d8ece3d6347559747f135bb7308d0a75b84dddb3c1099f8
SSDEEP: 24576:dgGbItol7gRpg5hSvH4S1BFHeybAr6DjOqGwFDqVwPgjIiGIF+l9/Qf3PTQlmK:xm2opuwNrbArgxXDqkgGkMx
Behavioral task: behavioral1
Sample: 014827baac8a836d570203d3ff88b22957dcedd1cc4eae49e4ac62334f4f4903.docm
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 014827baac8a836d570203d3ff88b22957dcedd1cc4eae49e4ac62334f4f4903.docm
Resource: win10v2004-20220812-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target: 014827baac8a836d570203d3ff88b22957dcedd1cc4eae49e4ac62334f4f4903.docm
Size: 1.3MB
MD5: af24985e30034e84546c6579e42388e5
SHA1: 01dfe26012b31dc7d05ad40a14f48572c9476b5c
SHA256: 014827baac8a836d570203d3ff88b22957dcedd1cc4eae49e4ac62334f4f4903
SHA512: 6f04234605924ce3c9fd9b5692d8624e45ef8ef6b977e65ed25909fc8f621844c1572501a247bbed0ac65c647504c1801d0213a1eaeea007294410a61b3a79a5
SSDEEP: 24576:/1pJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRD0G7EzqHm+BmcC:/1pJmgf3zliFppnKqG+i
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL