General
Target: baa0966b3cf54af493b2fe1186d65d48.bin
Size: 1.3MB
Sample: 230116-2bgjjaee24
MD5: b181959c54497870701cbea40b8e92f9
SHA1: 1adb1586d95070c47ba05420985ccf71562999c0
SHA256: b3d1372c49574568b70bb66817b27547024f3cceb70a4159b219096e851409ea
SHA512: 5059ae4b8c12e3054a99ff9511ea3196bcede0fc71508d160016dffb4d6d9c16377a5725abc1f4c27fee66efbfd18b7a9ad1beec8008a545a3a45b83cca80fd0
SSDEEP: 24576:rBGh1UEFRL653ckyb40rEScvcKyJexApj1bCPzFGZ0+PXTZnQmiEGa0CBjcEz/QX:lGh1U2253PFL2KysQ1bPZ0+7tZ7VBjQR
Behavioral task: behavioral1
Sample: b549c1964d73074e2cc05000743ac6cdcbf6f82d1bf8b0a430beb4a368feab95.docm
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: b549c1964d73074e2cc05000743ac6cdcbf6f82d1bf8b0a430beb4a368feab95.docm
Resource: win10v2004-20220901-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target: b549c1964d73074e2cc05000743ac6cdcbf6f82d1bf8b0a430beb4a368feab95.docm
Size: 1.3MB
MD5: baa0966b3cf54af493b2fe1186d65d48
SHA1: f003b0c3bec59255a80598cdcb870e60a46df404
SHA256: b549c1964d73074e2cc05000743ac6cdcbf6f82d1bf8b0a430beb4a368feab95
SHA512: cd45d649e7e6f76d74256df5ae7a14ba9418b877e4b565518cd7b8bdb19ed20a4acb5afa11a82167f224988b30df609af6b73c4a72156b57c33a99df3e33a0a3
SSDEEP: 24576:/EpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDOG7EzqHm+Bmc0:/EpJmgf3zliFpp1KqG+U
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL