icedid[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

core.bat

windows7_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

core.bat

Resource

win7-20220414-en

icedid 2406015698 banker core_loader core_payload trojan

windows7_x64

0 signatures

0 seconds

General

Target

icedid.zip
Size

458KB
MD5

3cbbb7d2ea4bb95aab6c4de5c55089d1
SHA1

c81cbb504fe502d829ee221ff57942c9c3029861
SHA256

570cc045bb9d945ca5e66ed76c80448d2c37f9a9073737057323b6e300592180
SHA512

d40c8f404d8b87f3d1c5e077a0137e9be7eb54b4c9d02ebb3e98c56509f864a73aeb8e24e64196b2cb010e99e0efe56317dd81ff318900aea6d05fabbd7a0fbf
SSDEEP

12288:ufBBtfewdahbO29W/BTmvZuDflxdwqs8a6DX:ufBBtfAL9WJTmSdwqRZ

Score

N/A

Malware Config

Signatures

Files

icedid.zip
.zip
clutch-32.tmp
.dll windows x64

93406070e8f82caaf6ed319d32395794

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdi32

CreateBrushIndirect
GetTextCharacterExtra
GetTextCharset
GetGlyphIndicesA
GdiGetBatchLimit
GetICMProfileW
Chord

msvfw32

ord2
ICInstall
ICGetInfo
ICSendMessage
ICDecompress
ICDraw
DrawDibStart
GetOpenFileNamePreviewW

Exports

Exports

A4COce1ujFb
AcxGpz
B2GHGNnvPg2
BeNLJAyZnN8
Bh012VLJC0z
Bjaskkas
ChAxTmVaL
D0ezwQ2kXP
D5FfBQIWDz
JgwdTv13Af
K3CXYLz
KnyyXGLIr2Y

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
core.bat
license.dat

© 2018-2024

Terms | Privacy