2024-03-13_5fb0787a1ae17d0fb1425a626b95ca2b_icedid | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-13_5fb0787a1ae17d0fb1425a626b95ca2b_icedid
Size

403KB
MD5

5fb0787a1ae17d0fb1425a626b95ca2b
SHA1

9ae8bd37f1cdf71d274146780450a6023af9be60
SHA256

24238e1127b031943a237cc442081a46a7508920eef773f5ff76284dfdad6cfb
SHA512

73415aa1f7f6db515e5b4dea1b66557007c99d7b28f001edfb6d077afd815601871d299cfd5edddd4516bed762c6a96aecbd52cd8c1b5a553c92414a96eb4810
SSDEEP

12288:zplrVbDdQaqdS/AfraFErH8uB2Wm0lXdPr5FU:1xRo+Fucuvm0dd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-13_5fb0787a1ae17d0fb1425a626b95ca2b_icedid

Files

2024-03-13_5fb0787a1ae17d0fb1425a626b95ca2b_icedid
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

?EngineProc@@YGJHIJ@Z
?process1@@YAHHHHPAD@Z
?process2@@YAHXZ
?process3@@YAHH@Z
?process5@@YAHH@Z

Sections

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htext
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE