General
-
Target
file.docm.zip
-
Size
1.2MB
-
Sample
220918-gdfpssagd5
-
MD5
217f003ed3ba32b0f5df3e8c08460eff
-
SHA1
f4fc619c58998dd136d8b096b69d60d06566dafa
-
SHA256
2056b52f8c2f62e222107e6fb6ca82708cdae73a91671d40e61aef8698e3e139
-
SHA512
c797a5dc76161ec0d5e07d78fd459004d1c36487c6b0f8eef5caef5102a4124640d8797c30127fd1d2ea1cb674bb9851a86df9405577b476109edb71df720cfc
-
SSDEEP
24576:CLJSlW2Oo6wewLPhHI38vYbiMefcVKFCk0RbtJ8wVpaIeOmZKAIIy7nQvx:CLJSlh6SLPhosvmSf+KCbcEsIyKAIznq
Static task
static1
Behavioral task
behavioral1
Sample
file.docm
Resource
win7-20220812-en
Malware Config
Extracted
icedid
809191839
allozelkot.com
Targets
Target
file.docm.zip
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Loads dropped DLL
-