2024-09-28_5e7080ef6f95218618250291824c02d7_bazarloader_icedid | Triage

Sharing

General

Target

2024-09-28_5e7080ef6f95218618250291824c02d7_bazarloader_icedid
Size

280KB
MD5

5e7080ef6f95218618250291824c02d7
SHA1

1d08b94efe4ad5fca6f60f7d1c4f6312365d0b4b
SHA256

39655f6b003a6f5ef02b4ed8878f79f623d4d38b7832fa18f6b2e4e2d2232222
SHA512

394c23f48bf09e07caa808f8457319148f848b8df16b7657340b8313b9bd858e7d2f53a2bb0c2712afce9b8a19f7e472c72cddfeaf1d7f725bbc127cf8775a5a
SSDEEP

6144:3Yc2uFGmzyW2ckd91ylUWCLH07TdDMmqxlGTyY2VBP478rhbm:3YcrFG7GljC707TBkx8Tv2/478I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-28_5e7080ef6f95218618250291824c02d7_bazarloader_icedid

Files

2024-09-28_5e7080ef6f95218618250291824c02d7_bazarloader_icedid
.exe windows:6 windows x64 arch:x64

1763dd4f33d16789c020c81347e7bb4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

AppendMenuW
GetMenuItemID
CharUpperBuffW
PeekMessageA
wvsprintfW

gdi32

EnumICMProfilesA
GetGlyphOutlineW
ExtEscape
CreatePenIndirect
CreateDIBPatternBrushPt
CreateDCW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE