2024-06-20_ffda30f4c657c6f528be4a7b41c4649c_icedid | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-20_ffda30f4c657c6f528be4a7b41c4649c_icedid
Size

2.3MB
MD5

ffda30f4c657c6f528be4a7b41c4649c
SHA1

c12cc589d8b9a5c05a289066fbd41cd625c60b0b
SHA256

dcb495a621b92bea49f320d9eeb985f94f124625ddf79af41ff7739999fa091a
SHA512

0c86395d743bad0c7462ada3cf790b70833839fc3d8388bd4d8871ca726a85546dddfb19105a7a6ac7fa3fc07bba07f3ecf1623bfd99c3980a8815d7e44a9d71
SSDEEP

24576:4Jc+xlafEwh4UUXlTj0J6a+0SBW3CIgjmqYS/fgKkw:ywaUU1TjQ6a+0SU3Odt/fVk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-20_ffda30f4c657c6f528be4a7b41c4649c_icedid

Files

2024-06-20_ffda30f4c657c6f528be4a7b41c4649c_icedid
.exe windows:4 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\YearBook\Work\version 9\Yearbooker\Yearbooker Studio\Release\YearbookerStudio.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 744KB - Virtual size: 742KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 828KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.scc0
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.scc1
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.scc2
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE