General

  • Target

    2024-02-24_db84a4c31f28677f09db2b9abb31f385_icedid_xrat

  • Size

    4.0MB

  • MD5

    db84a4c31f28677f09db2b9abb31f385

  • SHA1

    8d1b965d17c76538832e5c4fec45a32a89fdf03c

  • SHA256

    bd0ca893341846b83a4bd7f4784600ebba8b2a566e32f216c3aa96520da266f9

  • SHA512

    75cd34323b80a68a054bdca1214cd4d2ae312eb873e383bbf73b54a3d7979426f3b5e258a894ad616f25b1572115713d90174286dd0cfc8f82cd12e171058369

  • SSDEEP

    98304:cV/t/oiRvH22SsaNYfdPBldt6+dBcjHk/bztYYv:UXY7jsbzp

Score
10/10

Malware Config

Signatures

  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
  • Detects executables containing common artifacts observed in infostealers 1 IoCs
  • Quasar family
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-02-24_db84a4c31f28677f09db2b9abb31f385_icedid_xrat
    .exe windows:4 windows x86 arch:x86

    b256d5fb0c7001cb50ccf5d0f67b1c83