2024-01-01_129761074d7baa981899c2fb1fafe41b_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-01_129761074d7baa981899c2fb1fafe41b_icedid
Size

1.2MB
MD5

129761074d7baa981899c2fb1fafe41b
SHA1

c2ae89b51e596862353dc47ddede57c6a9c54774
SHA256

7c58369f910d29003509e4096e276f2c96716e75a72114f92fb3cf72ed7c506c
SHA512

32e7f2356e77068a652e079a7c01fdb0ab8bc7148d4ff7b4af153afab797956d4d397b3b7a959fe7f07a0a05ea9dca273590d93ed0639e9ff55b833b0fbbde8f
SSDEEP

24576:mhVORzXmdJ2Yta2keG+JUmTZ+OH2KSkhN37yy:mhVONmzY2mRYZ+OWwiy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-01_129761074d7baa981899c2fb1fafe41b_icedid

Files

2024-01-01_129761074d7baa981899c2fb1fafe41b_icedid
.exe windows:5 windows x86 arch:x86

095f8562ce62fa6caa983caa9c25ef93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

kernel32

GetSystemTimeAsFileTime
RemoveDirectoryA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
VirtualAlloc
HeapReAlloc
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
GetTickCount
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetProcessHeap
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
CreateFileA
WriteFile
CloseHandle
SetCurrentDirectoryA
DeleteFileA
SearchPathA
GetTempPathA
GetLongPathNameA
GetTempFileNameA
CreateDirectoryA
GetLastError
GetModuleHandleA
FreeLibrary
GetSystemInfo
EnumResourceNamesA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringA
GetModuleFileNameA
LocalAlloc
LocalFree
InterlockedExchange
RaiseException
lstrlenA
MultiByteToWideChar
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalFlags
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
FormatMessageA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
SetLastError
GlobalFree

user32

PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ValidateRect
ClientToScreen
DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetDC
ReleaseDC
GetSysColorBrush
IsWindowEnabled
RegisterWindowMessageA
WinHelpA
GetCapture
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
RemovePropA
GetFocus
IsWindow
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
GetSysColor
GetCursorPos
CopyRect
PtInRect
GetDlgCtrlID
SendMessageA
CallWindowProcA
GetMenu
GetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
SetWindowsHookExA
ScreenToClient
DefWindowProcA
GetWindowRect
LoadImageA
GetAsyncKeyState
MessageBoxA
SetWindowTextA
SetCursor
LoadCursorA
SetMenu
EnumDisplaySettingsA
GetClientRect
DestroyWindow
LoadIconA
GetSystemMetrics
RegisterClassExA
CreateWindowExA
SetWindowLongA
SetRect
LoadStringA
PeekMessageA
TranslateMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ShowWindow
SetWindowPos
DispatchMessageA
GetPropA

gdi32

SetMapMode
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RestoreDC
SaveDC
ExtTextOutA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

SHFileOperationA
ShellExecuteA

comctl32

InitCommonControlsEx
ord17

winmm

PlaySoundA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 522KB - Virtual size: 522KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 516KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

095f8562ce62fa6caa983caa9c25ef93

Headers

DLL Characteristics

File Characteristics

Imports

dinput8

kernel32

user32

gdi32

winspool.drv

shell32

comctl32

winmm

oleaut32

Sections

.text Size: 522KB - Virtual size: 522KB

.rdata Size: 130KB - Virtual size: 130KB

.data Size: 12KB - Virtual size: 36KB

.rsrc Size: 516KB - Virtual size: 516KB

.text
Size: 522KB - Virtual size: 522KB

.rdata
Size: 130KB - Virtual size: 130KB

.data
Size: 12KB - Virtual size: 36KB

.rsrc
Size: 516KB - Virtual size: 516KB