General

  • Target

    2024-03-27_929788d8bc7940c049c8ca127412de48_icedid

  • Size

    2.0MB

  • MD5

    929788d8bc7940c049c8ca127412de48

  • SHA1

    1ca75e18457f332065086207e577360f950611b7

  • SHA256

    85495dcf0524b4449d56c2ad632618dcccc175b5552a426f3d35a9df512b8d91

  • SHA512

    c5ae4ddc3151cd045b6d67e276a8297515d4cea6ee5dc4156bf3b53dce9bd8cf966a24f8dcce6f6a959b14ceff3ee375d1673149374c68c60916c9e1cec195d4

  • SSDEEP

    49152:OnsHyjtk2MYC5GDdyCTq24GjdGSVhWD2J3Y2p3691gZFeEfQj:Onsmtk2a9WjdGSuD2Jo2foj

Score
10/10

Signatures

  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Detects executables Discord URL observed in first stage droppers 1 IoCs
  • Detects executables manipulated with Fody 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-03-27_929788d8bc7940c049c8ca127412de48_icedid
    .exe windows:4 windows x86 arch:x86

