2024-01-06_a275801bf616408d97584e57b453ff62_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-06_a275801bf616408d97584e57b453ff62_icedid
Size

2.5MB
MD5

a275801bf616408d97584e57b453ff62
SHA1

6be1089e9f94019647f721469a0d0e0f70b89fca
SHA256

f55e89b41814c11a5625fef4dfad19fcd5321cff04e6d3260907b948b6248241
SHA512

13349bb818b2fcf389b324c3444c651cc14478bd13833e358f5b073171fb252a523c8fa0ed2d132cf3d2a15cf738f5c2c3df2669698bcb4cd7df81dcc85850e9
SSDEEP

49152:lGK5hK4ocTIswr6xRv/A0BtV35ySRkf4GW5MnpgGHtA/J:lZ5olchwr6RfBtVJPRP/5UpBHa/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-06_a275801bf616408d97584e57b453ff62_icedid

Files

2024-01-06_a275801bf616408d97584e57b453ff62_icedid
.exe windows:4 windows x86 arch:x86

f9907a2edafff3c1658d4d5360d58697

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluOrtho2D

opengl32

wglGetProcAddress
wglGetCurrentDC
wglDeleteContext
wglMakeCurrent
wglGetCurrentContext
wglShareLists
wglCreateContext
glReadBuffer
glDrawBuffer
glEnd
glVertex2i
glTexCoord2f
glColor3ub
glBegin
glEnable
glAlphaFunc
glViewport
glLoadIdentity
glMatrixMode
glCopyTexSubImage2D
glBindTexture
glTexParameteri
glDisable
glRecti
glTexSubImage2D
glTexCoord2d
glGetTexImage
glBlendFunc
glTexImage2D
glGenTextures
glDeleteTextures
glGetString

ddraw

DirectDrawCreate

winmm

timeGetTime

kernel32

DeleteFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
GetFileAttributesA
WritePrivateProfileStringA
SetErrorMode
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
ExitThread
CreateThread
HeapAlloc
CreateDirectoryA
MoveFileA
TerminateProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
InterlockedIncrement
RaiseException
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
Sleep
WideCharToMultiByte
GetVersionExA
GetCurrentDirectoryA
GetLastError
ExitProcess
CreateMutexA
GetProcAddress
LoadLibraryA
OutputDebugStringA
FreeLibrary
SetLastError
InterlockedExchange
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GlobalFree
FormatMessageA
LocalFree
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
InterlockedDecrement
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalSize
GetACP
GlobalLock
GlobalUnlock
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA

user32

InflateRect
GetMenuItemInfoA
GetSysColorBrush
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
AdjustWindowRectEx
DeferWindowPos
RegisterClassA
UnregisterClassA
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
RegisterWindowMessageA
wsprintfA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
TabbedTextOutA
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
GetMenu
PeekMessageA
GetCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
SetMenu
ShowWindow
GetWindowLongA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
EnableWindow
TranslateAcceleratorA
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
ReleaseDC
ChangeDisplaySettingsA
EnumDisplaySettingsA
SetRect
GetDC
MessageBoxA
LoadIconA
SendMessageA
UpdateWindow
ReleaseCapture
GetCursorPos
PtInRect
SetCursor
DestroyCursor
GetSystemMetrics
LoadCursorA
SetCapture
KillTimer
SetTimer
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
IsZoomed
IsIconic
PostMessageA
FillRect
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
GetWindowDC
GrayStringA
DrawTextExA
GetClassInfoA
DrawTextA
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
CreateWindowExA
SetWindowsHookExA
SetFocus
CallNextHookEx
GetKeyState

gdi32

RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
DeleteObject
SetBkMode
SetMapMode
BitBlt
GetPixel
GetObjectA
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreatePatternBrush
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetTextExtentPoint32A
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
SwapBuffers
SetPixelFormat
ChoosePixelFormat
PtVisible
DescribePixelFormat

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

ws2_32

inet_addr
bind
WSASetLastError
connect
sendto
htons
WSAAsyncSelect
htonl
gethostbyname
select
socket
recv
WSACancelAsyncRequest
inet_ntoa
WSAAsyncGetHostByName
shutdown
WSAGetLastError
accept
closesocket
WSACleanup
WSAStartup
recvfrom
send

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 440KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9907a2edafff3c1658d4d5360d58697

Headers

File Characteristics

Imports

glu32

opengl32

ddraw

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

ws2_32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 468KB - Virtual size: 467KB

.data Size: 20KB - Virtual size: 1.4MB

.rsrc Size: 440KB - Virtual size: 436KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 468KB - Virtual size: 467KB

.data
Size: 20KB - Virtual size: 1.4MB

.rsrc
Size: 440KB - Virtual size: 436KB