General
-
Target
8c8f206c903ee4b4561592a473d7a13e.bin
-
Size
1.3MB
-
Sample
230116-z8ckqshf5y
-
MD5
68a83f5e9e97bc80fa089a44307f20b4
-
SHA1
086e94e05d69c84807558137c4eff14603fdd75d
-
SHA256
36e903323af31a15a8572718738f11425a0b8fb18c43b1e1767a4b0baec6cb43
-
SHA512
7625e0186fd8450c7e5f03aa385cddbba5f9116fef087b9eb22bc111b7a59b79981ca7848139ff946ddd84feab56788d2970f4b3ac8fd4c753c1b82c0867f01a
-
SSDEEP
24576:QdWabKDpPsQhTihukcyaOKHkJDYpZveaBtwuz75YV7VqF+LZb:QfI1hTA4nso7twu6VRnb
Behavioral task
behavioral1
Sample
a074a4b714a0db7d33a60eef8796605efcb2b41c109370231dc8b972bb6c45fe.docm
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
a074a4b714a0db7d33a60eef8796605efcb2b41c109370231dc8b972bb6c45fe.docm
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
-
-
Target
a074a4b714a0db7d33a60eef8796605efcb2b41c109370231dc8b972bb6c45fe.docm
-
Size
1.3MB
-
MD5
8c8f206c903ee4b4561592a473d7a13e
-
SHA1
f6522e0d59c81c19076ca634eb892c4aca33d992
-
SHA256
a074a4b714a0db7d33a60eef8796605efcb2b41c109370231dc8b972bb6c45fe
-
SHA512
f340da930c0f923480ee832a0c060fb499095a4a0e39620e11846cdf7fd953772190779393b763a1a48fa8187815bd5d19885151e60e05cc7948fe277583feb3
-
SSDEEP
24576:/qpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDYG7EzqHm+Bmcn:/qpJmgf3zliFppTKqG+H
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-