2024-05-05_484e03a2fe98be76fb37b5863ee1f07a_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-05_484e03a2fe98be76fb37b5863ee1f07a_icedid
Size

5.2MB
MD5

484e03a2fe98be76fb37b5863ee1f07a
SHA1

206b274824aef39bcef0c4d1cc5981f3562873ec
SHA256

ff495608575a0a49c5e1fa0ac092d102363ff6a04b5ba2b7cfdef151c941bf97
SHA512

287b4492a53aa2ff0e4ab6b292610d1189f57de8670542d4e1804562fdc330e0260d49ff6cdccab13b63e0484c423a15587e9b9bee4aa2ef3c06a3d071e2332b
SSDEEP

98304:8tbz6IMf1ieegNJBAUZLFzTDZZ+wRTBWUmQB:mlM3JVRzTN1mE

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-05_484e03a2fe98be76fb37b5863ee1f07a_icedid

Files

2024-05-05_484e03a2fe98be76fb37b5863ee1f07a_icedid
.exe windows:4 windows x86 arch:x86

ff4081dfe61f814bb63b224d28a8d7fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualAlloc
LoadLibraryA
GetProcAddress
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RaiseException
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapValidate
GetSystemInfo
LCMapStringW
GetStdHandle
GetFileType
CloseHandle
GetConsoleMode
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
WriteFile
OutputDebugStringW
WriteConsoleW
CreateFileW
FlushFileBuffers
GetConsoleOutputCP
SetStdHandle
GetStringTypeW
SetFilePointerEx
DecodePointer

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 572KB - Virtual size: 867KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Qe0
Size: 356KB - Virtual size: 352KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qe1
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qe2
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qe3
Size: 968KB - Virtual size: 968KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qe4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qe5
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qe6
Size: 512KB - Virtual size: 511KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ff4081dfe61f814bb63b224d28a8d7fa

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 572KB - Virtual size: 867KB

.rsrc Size: 88KB - Virtual size: 86KB

.Qe0 Size: 356KB - Virtual size: 352KB

.Qe1 Size: 16KB - Virtual size: 13KB

.Qe2 Size: 16KB - Virtual size: 13KB

.Qe3 Size: 968KB - Virtual size: 968KB

.Qe4 Size: 4KB - Virtual size: 4KB

.Qe5 Size: 16KB - Virtual size: 13KB

.Qe6 Size: 512KB - Virtual size: 511KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 572KB - Virtual size: 867KB

.rsrc
Size: 88KB - Virtual size: 86KB

.Qe0
Size: 356KB - Virtual size: 352KB

.Qe1
Size: 16KB - Virtual size: 13KB

.Qe2
Size: 16KB - Virtual size: 13KB

.Qe3
Size: 968KB - Virtual size: 968KB

.Qe4
Size: 4KB - Virtual size: 4KB

.Qe5
Size: 16KB - Virtual size: 13KB

.Qe6
Size: 512KB - Virtual size: 511KB