General
-
Target
655402ee5fbd4bdd9a6e08703bb3452e.bin
-
Size
1.3MB
-
Sample
230116-zjg4xsdc56
-
MD5
adb78dca121456d334d7cfef4225242d
-
SHA1
86e90f78c45d939890e2ce77a72a9e5317d3df2e
-
SHA256
e1c32bbc2a3ed82e4ff06dc5941932fcb6dc9da813a965b275a1560e2c03c14f
-
SHA512
8d59eb9ad153fa2315dfb5d11db01c3e48dd138decac703f2fd9452a88bf3292f71b9dd83a974a956c177579a56bafe412e8a171528f1b780fbc8518bb96dcdd
-
SSDEEP
24576:LfUvKiUrTw44QheSi8I+mvc1ZYISN7AnSA7+VilTHLsbVR5nZaLssTIeq:LODUfF4VSi8I+oeZYpNcn7acHLsbxILi
Behavioral task
behavioral1
Sample
bd0512e03c8d40051d895de308e6e30c045470b54d47f1f71caea2675f01c468.docm
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
bd0512e03c8d40051d895de308e6e30c045470b54d47f1f71caea2675f01c468.docm
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
-
Target
bd0512e03c8d40051d895de308e6e30c045470b54d47f1f71caea2675f01c468.docm
-
Size
1.3MB
-
MD5
655402ee5fbd4bdd9a6e08703bb3452e
-
SHA1
8bbd519f46ebcdb6fbb3912fec5e36a03ce205bb
-
SHA256
bd0512e03c8d40051d895de308e6e30c045470b54d47f1f71caea2675f01c468
-
SHA512
36456bd7d7b1231a0c68f7ff285a0044a8fedf26170ad36e95b21f743adc4f04226fb6f0b3defd15cc1aa7bf1fa7ea6c47c35791eddd5bfe0b7957c7b2720a25
-
SSDEEP
24576:/gpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDSG7EzqHm+Bmc7:/gpJmgf3zliFppBKqG+b
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-