2024-04-16_a1123127d4f436d28b69a5af6404e1a4_icedid

General

Target

2024-04-16_a1123127d4f436d28b69a5af6404e1a4_icedid
Size

2.0MB
MD5

a1123127d4f436d28b69a5af6404e1a4
SHA1

01510d918e04801f0946875acd40b19461daea90
SHA256

e6548bcdc33d615f7d77b9d07ec98bbeaca05be6267fc88f740a08f6dbc9616a
SHA512

0d99e61058f7350f4fc6b46e104d778f2c3202b1d805302e4b5b4501d13ee5295b3c4e7527a9c65b46e6718f95490f9c2d926fe4962d6e53d200d85afb504dd5
SSDEEP

49152:nwnlFBzwKmi1EmNPj+JuljgirsK/9p/d62d:nwndw41E2aeDrskD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-16_a1123127d4f436d28b69a5af6404e1a4_icedid

Files

2024-04-16_a1123127d4f436d28b69a5af6404e1a4_icedid
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Jenkins\workspace\srf_develop\ShuRuFa\程序\Trunk\Bin\pdbmap\WanNengWB\Cloud.pdb

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pmj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 336KB - Virtual size: 332KB

.data Size: 48KB - Virtual size: 91KB

.rsrc Size: 300KB - Virtual size: 299KB

.pmj Size: 4KB - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 336KB - Virtual size: 332KB

.data
Size: 48KB - Virtual size: 91KB

.rsrc
Size: 300KB - Virtual size: 299KB

.pmj
Size: 4KB - Virtual size: 4KB