2024-03-27_0f93bea46985e35ab4984cba5a682bea_icedid

General

Target

2024-03-27_0f93bea46985e35ab4984cba5a682bea_icedid
Size

2.3MB
MD5

0f93bea46985e35ab4984cba5a682bea
SHA1

e1d6f76188d71570d9af0e687255f60e3d2ee527
SHA256

0471820c1107f41b03b33589944bb1e83d88204d64ed72deecb6d563a9a88e91
SHA512

73652b12faabcefcbdd4dfa9dd9ed568d7a85e3b344a81ea1ce38572bce2a7679dcd6b64ec221e080e4b095d9e0ee0474fb9952d0c2c5b9b041222718deff683
SSDEEP

49152:BnsHyjtk2MYC5GDmBdSKgrAhVFtcHgoV51N9:Bnsmtk2aPO

Score

10^/10

Detects Windows executables referencing non-Windows User-Agents 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_NoneWindowsUA

Detects executables (downlaoders) containing URLs to raw contents of a paste 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawPaste_URL

Detects executables Discord URL observed in first stage droppers 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_DiscordURL

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-27_0f93bea46985e35ab4984cba5a682bea_icedid