General
-
Target
05b491c991cc4374caba0454d402b864.bin
-
Size
1.3MB
-
Sample
230116-xd2j9sfd7x
-
MD5
cf824410b9f6f50c917ce0d9fd0b3623
-
SHA1
13b1e472cf625ef51f9237ff9fd118429a75486d
-
SHA256
1e07ff82232f6743128c8e8ca6c487b24d07035efb5ebe382af1ae8ba087e895
-
SHA512
4def2cbca5a58c9264ea8345a18be131e2c0ee7c2c405f6c6b02f59fe82dd6b5b0a870e686986d261d112a5620487227f692699780935fcc1a087d48caaad6ff
-
SSDEEP
24576:hdrwEL+mAg66RFon0nF9dMQivP0l66x3OKXEKEl6UUi2L6zP:frw6d6OKfED3II2P
Behavioral task
behavioral1
Sample
b075a39ce88b3ef6ba75a342aae4abbbcacb9a369f52c7406e0a1e466ed112d5.docm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
b075a39ce88b3ef6ba75a342aae4abbbcacb9a369f52c7406e0a1e466ed112d5.docm
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
-
-
Target
b075a39ce88b3ef6ba75a342aae4abbbcacb9a369f52c7406e0a1e466ed112d5.docm
-
Size
1.3MB
-
MD5
05b491c991cc4374caba0454d402b864
-
SHA1
b298e08f15f70d42267992b5827dc36a0521cb83
-
SHA256
b075a39ce88b3ef6ba75a342aae4abbbcacb9a369f52c7406e0a1e466ed112d5
-
SHA512
2281408c624c0e2e1cb772e312c0a614921d3c7fedb6919f47886c1f0f7b145a159af97802651b5497a8dfb1de568b5d7d85c4d05363453dc7a9bdb3b84650eb
-
SSDEEP
24576:/bpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDFG7EzqHm+Bmcd:/bpJmgf3zliFppuKqG+9
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-