General
-
Target
440b56bb35362c65c9b8fc64a119aa36.bin
-
Size
1.3MB
-
Sample
230116-yp8cmacf33
-
MD5
4aefe32bdac842a72aceb4efbb84f308
-
SHA1
8d389010b86e50938361bd14fab6b7570919d25c
-
SHA256
21936b7bff52c51cee4048f32cf39b65bd9ea3fe111a9ddbe85bf16a2005a839
-
SHA512
330f8669144db765d6409b17ffdabae9e5b751ace8b09ce39300154b273f6200c9c29223611079d3dc5c8f4ff966130d6d9b7420edb4518d2d79dc93d6801d39
-
SSDEEP
24576:PbM9ML7igni/bEBZvcEwvIp4si/qCGWX6+4TVeDxNQZsMN4F+M7CDF5D0HlyYDY:TdaMMJC4si/qCb6+4TMxNQZss4F+YGDx
Behavioral task
behavioral1
Sample
646dcfd47d1e5426d9669777582923cf1e7c474f80bc86df282df04925ee80e9.docm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
646dcfd47d1e5426d9669777582923cf1e7c474f80bc86df282df04925ee80e9.docm
Resource
win10v2004-20220812-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
-
Target
646dcfd47d1e5426d9669777582923cf1e7c474f80bc86df282df04925ee80e9.docm
-
Size
1.3MB
-
MD5
440b56bb35362c65c9b8fc64a119aa36
-
SHA1
c73967db942b92ae2c78efd36be1595cd298bb99
-
SHA256
646dcfd47d1e5426d9669777582923cf1e7c474f80bc86df282df04925ee80e9
-
SHA512
35976e273aaf43683201bc00ea3efcf0f59f2ee76a3a25b5165268e18b9a51868005f9a69a07a1e28e998ce408fcd5f5e2e93ccbb4c6e8be35a487d159da32de
-
SSDEEP
24576:/jpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDcG7EzqHm+BmcZ:/jpJmgf3zliFppfKqG+5
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-