2024-01-01_8a604857ff7badaa2f5b703166327c15_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-01_8a604857ff7badaa2f5b703166327c15_icedid
Size

1.9MB
MD5

8a604857ff7badaa2f5b703166327c15
SHA1

c7cf0bd8dd6871f46d824442f52f8dccc2a23a2e
SHA256

0fa81b200a2e6686b587d83688115316a0716e702c6e7fba831012bbcec5682c
SHA512

1e9ff9152ba92c7608706e741195e36185d75def21d6c91d459a06a023803dd3ee22d0cc927bf6c2eadb16f2392d5267e315e82036e6db8b7a73438ad70f0d2f
SSDEEP

49152:XtCISMMED8zftBNOOsNtp0jTIueRCuN6u/Mr4YG/K0p7pmpAk9uCj7xqh4FFrsWL:DMEDo3NOOWtp+I5RZN6u/Mr4YNvAiuCF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-01_8a604857ff7badaa2f5b703166327c15_icedid

Files

2024-01-01_8a604857ff7badaa2f5b703166327c15_icedid
.exe windows:5 windows x86 arch:x86

6b6002d02fe1050ac17af96cc4f218bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

SendARP
GetAdaptersAddresses
GetBestInterface
GetIpAddrTable

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ws2_32

htonl
inet_ntoa
inet_addr
ntohl

kernel32

TerminateProcess
IsValidCodePage
LCMapStringW
SetHandleCount
GetStdHandle
IsProcessorFeaturePresent
GetCurrentDirectoryW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
CompareStringW
WriteConsoleW
CreateFileW
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
IsDebuggerPresent
Sleep
GetModuleFileNameA
GetBinaryTypeA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetVersionExA
GlobalFree
GlobalAlloc
LocalFree
FormatMessageA
GetLastError
GetTimeZoneInformation
GetDiskFreeSpaceExA
FindClose
FindFirstFileA
GetFileAttributesA
CopyFileA
FileTimeToSystemTime
FindNextFileA
MoveFileA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LocalAlloc
MultiByteToWideChar
lstrlenA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
CreateThread
ExitThread
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetDateFormatA
GetTimeFormatA
RemoveDirectoryA
CreateDirectoryA
GetDriveTypeW
SetCurrentDirectoryA
SetEnvironmentVariableA
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
RtlUnwind
FindResourceExW
VirtualProtect
FreeLibrary
LoadLibraryA
SetErrorMode
GetExitCodeProcess
WaitForSingleObject
SearchPathA
GetProfileIntA
CloseHandle
CreateProcessA
lstrlenW
GetTickCount
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetCurrentDirectoryA
lstrcpyA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
CreateFileA
lstrcmpiA
WaitForMultipleObjects
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetThreadTimes
GetPrivateProfileIntA
CreateEventA
SuspendThread
ResumeThread
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryW
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
FindResourceA
FreeResource
SetLastError
GlobalSize
GlobalLock
GlobalUnlock
MulDiv
ResetEvent
SetEvent
GetThreadPriority
SetThreadPriority
GetProcessHeaps
RaiseException

user32

TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
PostThreadMessageA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawStateA
LoadMenuW
SetClassLongA
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
GetIconInfo
OffsetRect
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
InvalidateRect
DeleteMenu
IntersectRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
UnregisterClassA
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
CharUpperA
MsgWaitForMultipleObjectsEx
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
GetWindowThreadProcessId
ShowOwnedPopups
GetMessageA
TranslateMessage
GetCursorPos
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetWindowRgn
DestroyCursor
MapDialogRect
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
CopyRect
PtInRect
GetWindow
UnhookWindowsHookEx
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
IsDialogMessageA
GetUpdateRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
ReleaseDC
GetDC
GetAsyncKeyState
GetSystemMenu
AppendMenuA
MessageBeep
EnableWindow
GetSystemMetrics
LoadIconW
KillTimer
SetTimer
GetClientRect
IsIconic
PostMessageA
SendMessageA
DrawIcon
SetCursor

gdi32

DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
SetRectRgn
CombineRgn
SetLayout
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
PatBlt
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetTextMetricsA
GetTextCharsetInfo
GetTextExtentPoint32A

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyA
LookupAccountNameA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
InitiateSystemShutdownA
AdjustTokenPrivileges
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
CheckTokenMembership
RegDeleteKeyA
GetUserNameA
GetNamedSecurityInfoA
LookupAccountSidA
OpenProcessToken
LookupPrivilegeValueA

shell32

SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation

comctl32

ord17
ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoInitialize
DoDragDrop
CoUninitialize

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VarBstrFromDate
SysAllocString
VariantClear

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 330KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b6002d02fe1050ac17af96cc4f218bb

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

version

ws2_32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 305KB - Virtual size: 304KB

.data Size: 330KB - Virtual size: 360KB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 305KB - Virtual size: 304KB

.data
Size: 330KB - Virtual size: 360KB

.rsrc
Size: 44KB - Virtual size: 44KB