General
-
Target
0d30c944f3a25dd5a3d3300dce762a4c.bin
-
Size
1.3MB
-
Sample
230116-xhzapsbe67
-
MD5
a923e823089e4834b6e2ec103b7fb9d9
-
SHA1
836a68c2e3c7966ed55c3c8ffc056e40031abae4
-
SHA256
dfe55c46fe42e49949430479787aafed97a5420bf4632b800d339b7d360e8420
-
SHA512
9549a8b4467d051c063119550111147b071a795271cd4f44553d89a0ad02a13413bd79f873a35b4e053bd4a6136506874d6a397f1c3b6549d74b69cb21e5c9c4
-
SSDEEP
24576:MH+BpMoZlnUwNbZ+X3UrNU4ofxecZXe8kf/gMKCFv4fMBWSwg7ZwNumP2hPhqbW5:MH+LMo3rt+XP3Nu8kXgg8UX3ZwNn2Dso
Behavioral task
behavioral1
Sample
b6748e63c66c4dadff044129ac5224722b527969c4afa8572a35b29b0a28d15e.docm
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
b6748e63c66c4dadff044129ac5224722b527969c4afa8572a35b29b0a28d15e.docm
Resource
win10v2004-20220901-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
-
Target
b6748e63c66c4dadff044129ac5224722b527969c4afa8572a35b29b0a28d15e.docm
-
Size
1.3MB
-
MD5
0d30c944f3a25dd5a3d3300dce762a4c
-
SHA1
039278d36e0e2e0e37287bcba10ab0ce194ebe74
-
SHA256
b6748e63c66c4dadff044129ac5224722b527969c4afa8572a35b29b0a28d15e
-
SHA512
3d007dc0cbec5d2947248abf5b07c00b4a6be7687ade14dd1f4adcf4151e46f2f8099f598dca11cb160a7229e4264ca975dd3375ad6f016f157dc85801575a17
-
SSDEEP
24576:/xpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRD8G7EzqHm+Bmcq:/xpJmgf3zliFpp/KqG+K
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-