General
-
Target
6b395162cb1adab40234d8a1aad61f59.bin
-
Size
1.3MB
-
Sample
230116-zm2bzadd28
-
MD5
5081a7c0f415a61b5c8f68a5c8d07307
-
SHA1
da9d5e92ecc4ea716a160684597e11b05eb9e628
-
SHA256
195ce62d8cec60bdcdf44de9ee93a174147f1decfe29768bf4a0383513b1ccb6
-
SHA512
27b6d960d2b8637078a18d3c693b94e421db4053ec1b8d7e5253d8d9c95d51caeb147698728f5bac9cba6c5f05dd3fc3ed1d66b201ce2b2f475cac81ddc6b2ad
-
SSDEEP
24576:YkoQRd2LfCdbSqmn5HIusKoF4xjfzuzG9ziqTVlHjI4jUmTTJY/b74KJkvm:YMPuyCHIuLoF4xjrZVlDIRmvqkvm
Behavioral task
behavioral1
Sample
61c0ce00f478266efdf81501a794c80def1806bd4641618844c424185ff35fc8.docm
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
61c0ce00f478266efdf81501a794c80def1806bd4641618844c424185ff35fc8.docm
Resource
win10v2004-20221111-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
-
Target
61c0ce00f478266efdf81501a794c80def1806bd4641618844c424185ff35fc8.docm
-
Size
1.3MB
-
MD5
6b395162cb1adab40234d8a1aad61f59
-
SHA1
80a6d8c3c8e98946bdf94c0582442a295ca334cf
-
SHA256
61c0ce00f478266efdf81501a794c80def1806bd4641618844c424185ff35fc8
-
SHA512
3152828ac6564b180c0ea49b7b62c0f7fb56c43a6b8285fbf4c9a4ee4fd50d34757346913523653670984741668ea4502cb6b87f17f074a30ae22549c6b2231a
-
SSDEEP
24576:/00pJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDgG7EzqHm+BmcQ:/FpJmgf3zliFpprKqG+w
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-