Extracted

• 2025-03-11_96c6eae49a35e61ff667cfa7dd0b0c8a_icedid

  .exe windows:5 windows x86 arch:x86

  6ef9fc3b824d44b454eb43ca834c20b8

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  advapi32

  GetUserNameA

  shell32

  SHGetFolderPathA

  winhttp

  WinHttpSetStatusCallback

  WinHttpSendRequest

  WinHttpQueryDataAvailable

  WinHttpCloseHandle

  WinHttpSetOption

  WinHttpOpenRequest

  WinHttpReadData

  WinHttpQueryHeaders

  WinHttpOpen

  WinHttpReceiveResponse

  WinHttpConnect

  kernel32

  HeapReAlloc

  MultiByteToWideChar

  ExitProcess

  lstrcpyA

  Sleep

  VirtualAlloc

  VirtualProtect

  GetModuleFileNameA

  CreateDirectoryA

  lstrcatA

  lstrlenA

  GetFileSize

  HeapAlloc

  CloseHandle

  CreateFileA

  HeapFree

  GetProcessHeap

  ReadFile

  WriteFile

  user32

  wsprintfA

  Sections

  .text

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  bss

  Size: - Virtual size: 4B

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 592B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 512B - Virtual size: 196B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ