icedid | 3dd4b23bafa58cea463de7a35cd5d7c8_icedid_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dd4b23bafa58cea463de7a35cd5d7c8_icedid_JC.exe
Size

32KB
MD5

3dd4b23bafa58cea463de7a35cd5d7c8
SHA1

556beff140ba2190d59e0c36ed23f6b06be5b6d6
SHA256

f0624cf8132fc3a5c968d39ffa76188a344b4c05f02d4db47e0fa9b77d9e451e
SHA512

f4b2389afca62dced5a63a440ee124e4729cf901ff23d440ded3c254221bc3f9dcb3594478d65a78b6ece5581d63938f2cdc99649170dca96491cfd4419ae104
SSDEEP

384:caBUn3Zz6mxQNqNVH+A5+ZrCi/63f+rs:cam56nNqP+Dnl

Score

10^/10

loader icedid

Malware Config

Extracted

Family

icedid

Signatures

Icedid family
icedid

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dd4b23bafa58cea463de7a35cd5d7c8_icedid_JC.exe

Files

3dd4b23bafa58cea463de7a35cd5d7c8_icedid_JC.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.c
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE