2024-11-15_4ba94831a2abd837a22db12c9ae27920_icedid_ramnit_vidar | Triage

Sharing

General

Target

2024-11-15_4ba94831a2abd837a22db12c9ae27920_icedid_ramnit_vidar
Size

3.6MB
MD5

4ba94831a2abd837a22db12c9ae27920
SHA1

d34f7d3591d5224c362fe88626a57b6c64dcd042
SHA256

6fc0f0accd057d316f624a79820c8404b4234c60598cc52bad15de295232fdb6
SHA512

396a6bf67ff20fcb4c088567d4a6f6d28feabe77178f5824fde4c580664352dc3d5ac8cc32e047141a54f18eed7754585d94d25b0c1f54dd217a2746fd0082d6
SSDEEP

98304:1HtK2afnf1W7ojMl9b52e4UF4qFmLSYYWo4r8eJZNKDQT:7ava9sU5ZWo4r8eJDKU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-11-15_4ba94831a2abd837a22db12c9ae27920_icedid_ramnit_vidar

Files

2024-11-15_4ba94831a2abd837a22db12c9ae27920_icedid_ramnit_vidar
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Sources\_SSDlife\tmp\Release\SSDlife.pdb

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 500KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 892KB - Virtual size: 892KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE