2024-01-01_3ba271c0bd4a0af4518d44d3e73a3eb9_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-01_3ba271c0bd4a0af4518d44d3e73a3eb9_icedid
Size

376KB
MD5

3ba271c0bd4a0af4518d44d3e73a3eb9
SHA1

b43a942bafb24110a6fecdcd3b72aa2176cafc16
SHA256

6e10d31385887da2f24ada00b088c2dcb51311cd65940ebf2f2f3f7ed5b09dc9
SHA512

889be499698f74d29ec5c98ed48de8c08167591061fc92c32da7b2109b162cc3b5c733c98f9b7660054a858c5375f328d39daff09989049588aedad0f6c333e7
SSDEEP

6144:zEi9HAhpRXzrMfoo/12yvEhlEmSjatoQi40aiAzUUz:zEi8v8fooUZhlEmSjN4sAz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-01_3ba271c0bd4a0af4518d44d3e73a3eb9_icedid

Files

2024-01-01_3ba271c0bd4a0af4518d44d3e73a3eb9_icedid
.exe windows:4 windows x86 arch:x86

99249e799595a46c35a6856a8e1b430a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHDeleteKeyW
PathFindExtensionW

aclui

ord1

kernel32

GetStartupInfoW
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
ExitThread
CreateThread
ExitProcess
TerminateProcess
HeapAlloc
HeapReAlloc
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetErrorMode
ReleaseMutex
CreateMutexW
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
InterlockedIncrement
lstrcmpiW
WritePrivateProfileStringW
FileTimeToSystemTime
GlobalFindAtomW
lstrlenA
GetModuleHandleA
GetVersionExA
InterlockedDecrement
GetTickCount
FreeResource
WaitForSingleObject
ResumeThread
CloseHandle
GlobalAddAtomW
GetLastError
SetLastError
GlobalFree
MulDiv
GlobalUnlock
lstrcpynW
GetCurrentThread
GetCurrentThreadId
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetModuleHandleW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryW
LoadLibraryA
GetProcAddress
GetTimeZoneInformation
DeleteFileW
CreateDirectoryW
lstrlenW
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
FindFirstFileW
FindNextFileW
CopyFileW
GetComputerNameExW
GetComputerNameW
lstrcpyW
LoadLibraryExW
FormatMessageW
LocalFree
FreeLibrary
lstrcatW
Sleep
GetVersion
MultiByteToWideChar
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCommandLineW

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
PostThreadMessageW
CharUpperW
GetSysColorBrush
ReleaseCapture
LoadCursorW
SetCapture
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
PtInRect
UnhookWindowsHookEx
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
RegisterClipboardFormatW
CopyRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
MessageBoxW
GetDC
ReleaseDC
GetWindowRect
IsWindow
GetSystemMetrics
LoadIconW
EnableWindow
InvalidateRect
GetClientRect
IsIconic
GetSystemMenu
PostMessageW
SendMessageW
AppendMenuW
CreatePopupMenu
DrawIcon
wsprintfW
UnregisterClassW

gdi32

SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
DeleteObject
GetStockObject
DeleteDC
ExtSelectClipRgn
GetObjectW
Escape
CreateFontIndirectW
SetMapMode
RestoreDC
SaveDC
ExtTextOutW
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
SelectObject
GetTextMetricsW
ScaleWindowExtEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExA
RegOpenKeyExA
GetUserNameW
RegQueryValueW
RegDeleteKeyW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc

comctl32

PropertySheetW
ImageList_Destroy
ord17

oledlg

OleUIBusyW

ole32

CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CLSIDFromString
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
CoGetClassObject
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter

oleaut32

SystemTimeToVariantTime
SysFreeString
SysStringLen
OleCreateFontIndirect
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
VariantCopy

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99249e799595a46c35a6856a8e1b430a

Headers

File Characteristics

Imports

shlwapi

aclui

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 24KB - Virtual size: 22KB