General
Target: 56dfd0392114e4fe63897ea7c2504e05.bin
Size: 1.3MB
Sample: 230116-y5zqesgh5v
MD5: 42eac87d5cb7ca2ee4ff6d66eef05bf9
SHA1: 2baee9076f9b2a13f011bb2d05d20fac08a22304
SHA256: 93cf186916626170e6db0e6c84b701f0f363c52db05ddf7a5d42063a746487af
SHA512: 33c8fdd6bacb8bed1a3a3572c18663cb1e6caf3b9ddac0bc9a00c40ce04fee27b32a2f60763f2c3c6249e22df131daf9ec92236a027356e8de552b856884b89a
SSDEEP: 24576:xngu6XQ0u96gJpH4ImjBLcjSS7P75G4JMHm07EX1AO5hmi1a5L4u:xngF3u9zH4I0cjNP75GFtElAKsD
Behavioral task: behavioral1
Sample: c6a9f4fb2f8bdd9bffb55280ee53eddb077ed97707151edd64aac9490bc210dc.docm
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: c6a9f4fb2f8bdd9bffb55280ee53eddb077ed97707151edd64aac9490bc210dc.docm
Resource: win10v2004-20221111-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target: c6a9f4fb2f8bdd9bffb55280ee53eddb077ed97707151edd64aac9490bc210dc.docm
Size: 1.3MB
MD5: 56dfd0392114e4fe63897ea7c2504e05
SHA1: ae147c5634808acc258f7e94156ecdca3a628267
SHA256: c6a9f4fb2f8bdd9bffb55280ee53eddb077ed97707151edd64aac9490bc210dc
SHA512: 569d8092ed752de8e38b1eaf7ac8cc84c32b77b00f1ae278aff9858082ba0da241f387b78c4bb7f626b2d9ad9569ef59ab7b922e2bc033cda549b6dc816ad2f2
SSDEEP: 24576://npJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDaG7EzqHm+Bmcg://pJmgf3zliFppZKqG+A
Score: 10/10
Process spawned unexpected child process
    This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL