General
Target: 1e01c47850c37ea9baa4828dc210ff7a.bin
Size: 1.3MB
Sample: 230116-xzeydsga4z
MD5: eb2ba937963d64323de914737af09a51
SHA1: d76977c38d002f8dff65ba6e4d258293644cba1f
SHA256: 9ad1aa9e90a274b8f47ddaf4f423b0928f37d57105ddf780398ef1bc62fb7833
SHA512: 259d82e1904dc68ff2ea818d5c2ee45d555abb0a8a8c2a8cbfbb0e09b8c8d6023065bea1451986679d4e0bea87a559b3c80849d1f98e355d3af760e46c53ca22
SSDEEP: 24576:O8fmy4Nwe2yu5pzmJqxyOx+1elCtpJ8YY8qWODwMQY8j6PAS6D58Kyrb1Um:Oyf4NOzmJqRlCzJ7Y8TODXQY8jm6DKKW
Behavioral task: behavioral1
Sample: c23b57235f44110edc1e435b5be54bac20ede351e2a390ae0e9aa889a58cf589.docm
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: c23b57235f44110edc1e435b5be54bac20ede351e2a390ae0e9aa889a58cf589.docm
Resource: win10v2004-20221111-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target: c23b57235f44110edc1e435b5be54bac20ede351e2a390ae0e9aa889a58cf589.docm
Size: 1.3MB
MD5: 1e01c47850c37ea9baa4828dc210ff7a
SHA1: 25165a04ef5022fde2816d5bda10ce0796ffc529
SHA256: c23b57235f44110edc1e435b5be54bac20ede351e2a390ae0e9aa889a58cf589
SHA512: 092b35caaefa1176533f939039d4e27deaf0d28fd7b0dedab6463c760b0f479315a62b125ac73ab4ffc3bcbbfdbfa5072a5de637ed6f44a4b33886c337b1c77d
SSDEEP: 24576:/opJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDBG7EzqHm+Bmcr:/opJmgf3zliFppiKqG+L
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL