e670b6eeeb141d3d01d24799ff4dfec6_icedid_silence_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e670b6eeeb141d3d01d24799ff4dfec6_icedid_silence_JC.exe
Size

2.5MB
MD5

e670b6eeeb141d3d01d24799ff4dfec6
SHA1

e32489070942444e23e2763a7c126e404a17572a
SHA256

2de853e3d3eff9984db506786e915e6998a2f67a2149313225d1f7256719ab36
SHA512

350bf537c9c6e76e7be9f8e75080514a5546ee7ce5fd2a7d95e15b732bdbc0ee201cc7050624a83a338b465da7fde937ab00071baaa2cb04f6ab23e6f49ba4db
SSDEEP

49152:ViGttgHlaoa9FTSXTGIwXpH8m/T0aZzIRCCKBbrnOxsO+TzNpZZZZZ1ZsU:ViGgxYFTgT1wXpHxT0aZzIXsbbasO+TG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e670b6eeeb141d3d01d24799ff4dfec6_icedid_silence_JC.exe

Files

e670b6eeeb141d3d01d24799ff4dfec6_icedid_silence_JC.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 473KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.enigma1
Size: 1.2MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE