Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-01_77051f44d023c79ce9864146e4ddcb7d_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-01_77051f44d023c79ce9864146e4ddcb7d_icedid.exe
  Resource: win10v2004-20231222-en
General
Target: 2024-01-01_77051f44d023c79ce9864146e4ddcb7d_icedid
Size: 2.0MB
MD5: 77051f44d023c79ce9864146e4ddcb7d
SHA1: 8b06d90faea2dafa9c5b904dc54bb6654bde7fe9
SHA256: 1f7725f9ce64df59e81890161c7cda5be657aa6ad187a37b7419dcc586bc4564
SHA512: f0358b224513e16582922c4104173a89e5695a4fc8e2c3eaf83d245e8e85a6230f137538224756a86a868489e1fc4299bbdc4d4c94f711b45a3f3448011d10c6
SSDEEP: 49152:RXdpkVsy/4HpticYlFMMxo6BOD4k+pvZml:NkV9AH6cYlFMMW4ODX+el
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2024-01-01_77051f44d023c79ce9864146e4ddcb7d_icedid
Files
-
2024-01-01_77051f44d023c79ce9864146e4ddcb7d_icedid.exe windows:5 windows x86 arch:x86
bde21f6a55c2e4b5f1161375e68b5d94
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
inpout32:
ord2
ord1
setupapi:
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
CM_Get_DevNode_Registry_PropertyA
SetupDiDestroyDeviceInfoList
CM_Disconnect_Machine
CM_Locate_DevNodeA
CM_Get_Child
CM_Get_Sibling
CM_Get_Parent
CM_Get_Child_Ex
CM_Request_Device_EjectA
CM_Connect_MachineA
CM_Get_DevNode_Registry_Property_ExA
CM_Get_Sibling_Ex
SetupDiGetClassDevsA
shlwapi:
PathFindExtensionA
PathIsUNCA
PathStripToRootA
PathFileExistsA
PathFindFileNameA
StrToInt64ExA
StrToIntExA
version:
GetFileVersionInfoA
GetFileVersionInfoSizeA
netapi32:
NetWkstaGetInfo
NetApiBufferFree
kernel32:
SetCommState
SetCommTimeouts
SignalObjectAndWait
WaitCommEvent
WaitForMultipleObjects
GetCommMask
SetLastError
ReleaseMutex
TerminateThread
LCMapStringW
LCMapStringA
IsValidCodePage
GetACP
GetStdHandle
GetTimeZoneInformation
HeapCreate
HeapSize
GetFileType
SetStdHandle
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetDriveTypeW
HeapAlloc
CreateThread
ExitThread
GetSystemTimeAsFileTime
HeapFree
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesA
InterlockedIncrement
GetModuleHandleW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetCommState
InterlockedExchange
GetFullPathNameA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
GetModuleFileNameW
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
GetCurrentProcessId
FormatMessageA
LocalFree
MulDiv
lstrlenA
GetVersionExA
SetEnvironmentVariableA
CompareStringW
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateProcessA
GetExitCodeProcess
GetProcessHeap
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
SetHandleCount
CreateFileW
GetFullPathNameW
SetEvent
ResetEvent
EnterCriticalSection
GetLocaleInfoA
LeaveCriticalSection
GetLastError
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
LocalAlloc
SetCommMask
CreateEventA
GetLocalTime
GetCurrentThreadId
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalUnlock
GlobalLock
GetCurrentProcess
GetModuleHandleA
GetWindowsDirectoryA
WinExec
SetThreadLocale
SetFileAttributesA
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
GetVersion
GetCurrentDirectoryA
InterlockedDecrement
GetTickCount
GetModuleFileNameA
GetFileAttributesW
GetShortPathNameA
lstrcmpA
FlushFileBuffers
DeleteCriticalSection
InitializeCriticalSection
GetComputerNameA
GlobalFree
GlobalAlloc
WriteFile
SetVolumeLabelA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
VirtualFree
VirtualAlloc
DeviceIoControl
SetFilePointer
GetFileSize
ReadFile
CloseHandle
CreateFileA
MultiByteToWideChar
GetVolumeInformationA
FindNextFileA
FindFirstFileA
GetLogicalDrives
WritePrivateProfileStringA
GetProcAddress
LoadLibraryA
GetDriveTypeA
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
ResumeThread
WaitForSingleObject
GetPrivateProfileIntA
DeleteFileA
CreateDirectoryA
Sleep
CopyFileA
GetPrivateProfileStringA
FreeLibrary
OutputDebugStringA
winscard:
SCardStatusA
SCardEndTransaction
SCardTransmit
SCardBeginTransaction
SCardDisconnect
SCardListReadersA
SCardConnectA
SCardEstablishContext
ws2_32:
socket
getpeername
getsockname
closesocket
shutdown
accept
gethostname
bind
gethostbyname
__WSAFDIsSet
getservbyname
htons
htonl
ntohs
WSACleanup
WSAStartup
WSAGetLastError
ntohl
connect
send
sendto
select
recvfrom
recv
inet_addr
rpcrt4:
UuidCreateSequential
user32:
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetMenu
ShowWindow
CheckMenuItem
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
BeginPaint
EndPaint
SetWindowLongA
SetWindowPos
CharUpperA
EndDialog
CreateDialogIndirectParamA
GetDesktopWindow
PostQuitMessage
GetSysColorBrush
LoadCursorA
UnregisterClassA
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetWindowsHookExA
CallNextHookEx
GetMessageA
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMenuItemCount
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DrawEdge
GetClassLongA
WindowFromDC
SendMessageTimeoutA
FindWindowA
GetDlgItem
MsgWaitForMultipleObjects
PeekMessageA
DrawIcon
GetSystemMetrics
IsIconic
LoadIconA
GetWindowTextA
GetClassNameA
IsWindow
UpdateWindow
RedrawWindow
DispatchMessageA
TranslateMessage
MessageBoxA
KillTimer
PtInRect
ScreenToClient
GetMessagePos
SetTimer
FrameRect
ReleaseDC
GetDC
GetSysColor
FillRect
DrawStateA
OffsetRect
GetClientRect
DrawFocusRect
InflateRect
CopyRect
TrackPopupMenuEx
GetSubMenu
GetWindowRect
GetActiveWindow
WindowFromPoint
ClientToScreen
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
GetWindowLongA
DestroyIcon
DestroyMenu
DestroyCursor
EnableWindow
wsprintfA
SendMessageA
PostMessageA
gdi32:
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
GetBkColor
GetTextExtentPoint32A
CreateRectRgn
ExtTextOutA
PtVisible
RectVisible
TextOutA
Escape
GetDeviceCaps
GetClipBox
SaveDC
RestoreDC
SetBkMode
SetMapMode
LineTo
MoveToEx
SetTextAlign
GetViewportOrgEx
CreateFontA
SelectClipRgn
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreatePen
SetViewportOrgEx
DeleteObject
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
GetObjectA
CreateDIBSection
CreateSolidBrush
Rectangle
CreateFontIndirectA
comdlg32:
GetFileTitleA
winspool.drv:
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32:
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegFlushKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
shell32:
SHCreateDirectoryExA
ShellExecuteExA
ShellExecuteA
SHGetSpecialFolderPathA
comctl32:
_TrackMouseEvent
ole32:
OleRun
CoCreateInstance
CoInitialize
oleaut32:
VariantChangeType
VariantInit
VariantClear
SysFreeString
GetErrorInfo
SysAllocString
Sections
.text  Size: 1.5MB - Virtual size: 1.5MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 234KB - Virtual size: 234KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 29KB - Virtual size: 190KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 279KB - Virtual size: 278KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ