General

  • Target

    387ff39a0b315645f7e36dcecccc566e_icedid_JC.exe

  • Size

    7.3MB

  • MD5

    387ff39a0b315645f7e36dcecccc566e

  • SHA1

    41e05a8aa22a1010e4a078f7c6da7b8b0c42aaa5

  • SHA256

    eed472df70e63bcacbe322c082560754c9dbc00545182f160671bc3978f70004

  • SHA512

    ebd8528b43123cfdbca327a5a83015bcf7353d5462d72ef32b8a0e16e3f5d4ea5a7fb862673181e08728c1480a67f0e248bb0a4491ba198512d7ce159480d288

  • SSDEEP

    98304:EuPb8NbO4g6a3N2RpLM2fcb5e0lD00m3cjwwcLUQd:Xb4y4g9dpOcbTJ0N3Hb

Score
9/10

Malware Config

Signatures

  • CoreEntity .NET Packer 1 IoCs

    A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 387ff39a0b315645f7e36dcecccc566e_icedid_JC.exe
    .exe windows x86

    076700db5f51f17a3a0f5e8db8ba9a9a


    Headers

    Imports

    Sections