General
Target: 08a2ebd8fbbfd82744696f5b94df0f8b.bin
Size: 1.3MB
Sample: 230116-xhelasfe71
MD5: 34574da1baeab4b4d19a28d034a5b533
SHA1: f4fb9fc6369b91b32b3a18d7c80564898465e80e
SHA256: 6b43e4ef1e2ce50b3d06d3edab4ae26aebea1312c65db393bb40178f3199104f
SHA512: 915ae354d25ad96298c2616905b6e4f3f1a50533a4b701218558536db462df676aae1458abe1d1e190a03fdcd4c8ddd0828a495145659339e7e79482d04e14cb
SSDEEP: 24576:oEw1C+Xp2BOCW6U87JrZjBRohAUvPkI9dqB80/pKtncFuRJaiiVEKLQtJV:41lD6U8pFEH9dmB/8tnJbatFLSD
Behavioral task: behavioral1
Sample: 4852643fe93b40df2474b42cd3e5d66f96103f10b7bdc742d9d31691803861d6.docm
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 4852643fe93b40df2474b42cd3e5d66f96103f10b7bdc742d9d31691803861d6.docm
Resource: win10v2004-20220901-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target: 4852643fe93b40df2474b42cd3e5d66f96103f10b7bdc742d9d31691803861d6.docm
Size: 1.3MB
MD5: 08a2ebd8fbbfd82744696f5b94df0f8b
SHA1: 2101ba42a90d76bae2d1e4a6b5bea49fae714e13
SHA256: 4852643fe93b40df2474b42cd3e5d66f96103f10b7bdc742d9d31691803861d6
SHA512: 7ecbce39a98265c8e3afb6649ea50fe6d6c6ee5069d1ddc182b2906ebfd81acfe5227fb14d958aea018f7fa265694fed56003eac134a7074b1b9045b90b85823
SSDEEP: 24576:/vpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDEG7EzqHm+Bmch:/vpJmgf3zliFpp3KqG+B
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL