General
Target: fccecb0deb25755fb7d60be2d42c7d24.bin
Size: 1.3MB
Sample: 230117-kc625sda28
MD5: 22423170248380d4294c67506feb5818
SHA1: 2026eb108d545bb6ba1f663fa872fcd9926812c1
SHA256: 8cdba556506f4d95f0b81f2def0b27b65e82d4f2e2b3df05ca5e1f7d8b127c14
SHA512: f71c6771c16184b5f73edd51ea9dc40379a2f9bc7895acdcc06865d70a191fd855acc1ca480ea1a0f3d180d1a2e9dfcfbd5beabdae6c0bee6d9fe1662dda7abf
SSDEEP: 24576:339HJ4TjmFXsLlfpZ3HbG9Kwsos9hpAL8ILObC6O0z986UvLoLdE3BiKeT:8TiWL3Z3HAKQeHm3619BIs5oiB
Behavioral task: behavioral1
Sample: e85b452445ae19e8a458921c6e14d2c2697e003056f10ae49ab18b969f6aa821.docm
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: e85b452445ae19e8a458921c6e14d2c2697e003056f10ae49ab18b969f6aa821.docm
Resource: win10v2004-20220901-en
Malware Config
Extracted
icedid
1212497363
trbiriumpa.com
Targets
Target: e85b452445ae19e8a458921c6e14d2c2697e003056f10ae49ab18b969f6aa821.docm
Size: 1.3MB
MD5: fccecb0deb25755fb7d60be2d42c7d24
SHA1: 73b865be51b0577a83168ca76df125615d31b07a
SHA256: e85b452445ae19e8a458921c6e14d2c2697e003056f10ae49ab18b969f6aa821
SHA512: 8a778b523f0a54ca0e0c6396e4d4471189bc1e0f69e84462a05b554d87a0a316d7c81991898b09dd5034571821b09267506e70eb55388c887915c64b04d2b315
SSDEEP: 24576:/rlpJmLOgHWi8bj11H2w5inpF7sONo/qiy7L9pvRDNG7EzqHm+BmcW:/5pJmgf3zliFppmKqG+2
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Loads dropped DLL