NEAS[.]2023-09-05_0d486ece1a466e339b03a64895572b38_icedid_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2023-09-05_0d486ece1a466e339b03a64895572b38_icedid_JC.exe
Size

469KB
MD5

0d486ece1a466e339b03a64895572b38
SHA1

b5efe66e6251897f6232717b7646052b974cbee0
SHA256

077adadb31bd6c2bc4428e4c2c4b00d5025738379920c4c6c8c5596463b93ea4
SHA512

f47351fb676bb8918c073c6bf0e7f04501d05f72d9636cf43e4faf837720bd1af615cb31bade06d03fa1501e963debcc4a8c0a8346c6a9c8389b2b1934c1f31d
SSDEEP

12288:ZQ30HbPZHnwzm/YYrWEPsx2HWr3mWvk7LO8bk0V0:WkHTZHnP/YYA8HWr2Wwy85u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2023-09-05_0d486ece1a466e339b03a64895572b38_icedid_JC.exe

Files

NEAS.2023-09-05_0d486ece1a466e339b03a64895572b38_icedid_JC.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mjg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE