Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-06_720ad1265ae8270bb39915716e90a917_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-06_720ad1265ae8270bb39915716e90a917_icedid.exe
  Resource: win10v2004-20231222-en
General
Target: 2024-01-06_720ad1265ae8270bb39915716e90a917_icedid
Size: 3.3MB
MD5: 720ad1265ae8270bb39915716e90a917
SHA1: db94376b185e7b1733b30fb0dbaab7f99de56ccc
SHA256: 4bb6c3b741b60d414fc406500c0668a672ff28f64ff81fc857e5d72a6e3300ac
SHA512: b982656f0cec4ca136c0bc6ed154f4a61de7e99197b5df15557a1e7c71529c981b71f5a6f890a0eb887816d26a309a316f21f0b5c88f847470f13ecf61e3a465
SSDEEP: 98304:HMZyUUEq/n7hreJHWoxd1Os7OLn7h+dG:gyUUHreJHWoxd1Os7w+dG
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  Resource: 2024-01-06_720ad1265ae8270bb39915716e90a917_icedid
Files
2024-01-06_720ad1265ae8270bb39915716e90a917_icedid.exe windows:4 windows x86 arch:x86
264a7f03786099db495f4181dda33dbc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
rasapi32
RasSetEntryPropertiesA
RasGetErrorStringA
RasSetEntryDialParamsA
RasDialA
RasEnumConnectionsA
RasHangUpA
ws2_32
WSASetEvent
WSAEventSelect
WSARecv
WSAResetEvent
WSASend
WSAGetOverlappedResult
WSAConnect
WSAEnumNetworkEvents
WSASocketA
ntohs
WSACreateEvent
gethostbyaddr
WSAGetLastError
inet_addr
htons
getservbyname
htonl
WSACloseEvent
closesocket
WSAStartup
gethostname
gethostbyname
inet_ntoa
WSACleanup
getservbyport
kernel32
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
GlobalFlags
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
FindFirstFileA
GetFileTime
SetErrorMode
ExitProcess
RtlUnwind
TerminateProcess
VirtualProtect
VirtualAlloc
VirtualQuery
HeapSize
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
ExitThread
SetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
FormatMessageA
InterlockedDecrement
SetLastError
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
FreeResource
LocalFree
GlobalFree
HeapAlloc
HeapFree
HeapReAlloc
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
GetSystemDirectoryA
LoadLibraryA
FreeLibrary
GetCurrentDirectoryA
GetPrivateProfileSectionNamesA
GetModuleFileNameA
lstrcpyA
GetCurrentProcess
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
MulDiv
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrcmpiA
lstrlenW
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetTickCount
Sleep
CreateThread
WaitForSingleObject
TerminateThread
lstrlenA
DeleteFileA
MoveFileExA
WritePrivateProfileStringA
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
SetCurrentDirectoryA
GetPrivateProfileStringA
GetModuleHandleA
GetProcAddress
GetSystemInfo
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetFileAttributesA
user32
InvalidateRgn
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
LoadMenuA
CharNextA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
ValidateRect
InflateRect
GetCursorPos
SetCursor
LoadCursorA
KillTimer
SetTimer
SetWindowRgn
IsRectEmpty
FindWindowA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
CopyAcceleratorTableA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
GetKeyState
SetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetSystemMenu
wsprintfA
LoadIconA
GetDC
ExitWindowsEx
UnregisterClassA
CharUpperA
RedrawWindow
AnimateWindow
ShowWindow
IsIconic
DrawIcon
SetRect
GetSysColorBrush
DestroyMenu
GetMenuItemInfoA
GetSystemMetrics
GetParent
PostMessageA
GetWindowRect
SendMessageA
SetCapture
GetCapture
InvalidateRect
UpdateWindow
GetClientRect
LoadBitmapA
OffsetRect
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
GetMessageA
IsChild
TranslateMessage
CopyRect
PtInRect
GetSysColor
ReleaseCapture
EnableWindow
GetScrollRange
gdi32
DeleteObject
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateEllipticRgn
LPtoDP
Ellipse
CreateFontIndirectA
CreateRectRgnIndirect
GetRgnBox
CreateCompatibleBitmap
GetBkColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
StretchBlt
GetStockObject
GetTextColor
CreateSolidBrush
GetTextExtentPoint32A
BitBlt
CreateCompatibleDC
GetMapMode
GetObjectA
GetViewportExtEx
SetWindowExtEx
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
AdjustTokenPrivileges
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
shell32
DragFinish
DragQueryFileA
ShellExecuteA
comctl32
ord17
ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathIsUNCA
UrlUnescapeA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
oledlg
ord8
ole32
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
oleaut32
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantChangeType
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
OleLoadPicture
SafeArrayCreate
SysFreeString
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
LoadTypeLi
winmm
timeGetTime
wininet
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetOpenA
InternetCloseHandle
InternetGetConnectedState
InternetReadFile
HttpQueryInfoA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenUrlA
uxtheme
EnableThemeDialogTexture
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
Sections
.text Size: 388KB - Virtual size: 385KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 108KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.8MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ