Static task
static1
Behavioral task
behavioral1
Sample
2024-01-08_0107bffab11e4d9c57f5e41b01f280a4_icedid.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-01-08_0107bffab11e4d9c57f5e41b01f280a4_icedid.exe
Resource
win10v2004-20231215-en
General
Target: 2024-01-08_0107bffab11e4d9c57f5e41b01f280a4_icedid
Size: 3.9MB
MD5: 0107bffab11e4d9c57f5e41b01f280a4
SHA1: fe003c2764da2059f1e0784cd94471d29f198df0
SHA256: 0d20e4c40b57498b0af21f728da4e0e896f5267f7e335db25ac33ca4270da147
SHA512: 4ca16026852d80da9553493138b5c8961e0a1444f1fc4936f59d9e595f8c669531303468fb1549ca41b735594f41f3dd23ac9636322afa6499bd777cf997b331
SSDEEP: 98304:kKl1ChxjpN0NNO2Re6MonoP/aCBl50B65aIRISZsCAmE64+cy:kKAAHM9Pzi6wIf
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 2024-01-08_0107bffab11e4d9c57f5e41b01f280a4_icedid
Files
2024-01-08_0107bffab11e4d9c57f5e41b01f280a4_icedid.exe windows:4 windows x86 arch:x86
597e433c85f3619e74c9759ab2e5a3dc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameW
LocalAlloc
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
LocalFileTimeToFileTime
SetFileTime
GetFileTime
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
LocalUnlock
LocalLock
lstrcpyW
lstrcpyA
GetTempFileNameW
GetDiskFreeSpaceW
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
ExitProcess
DebugBreak
ExitThread
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GlobalGetAtomNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FatalAppExitA
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
SetConsoleCtrlHandler
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
lstrlenA
GetProfileIntW
GetSystemDirectoryA
MoveFileExA
InterlockedCompareExchange
ReleaseMutex
ReleaseSemaphore
CreateSemaphoreW
SuspendThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
FileTimeToLocalFileTime
FindNextFileW
SystemTimeToFileTime
FileTimeToSystemTime
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpA
GetModuleHandleA
CopyFileW
LocalFree
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetWindowsDirectoryW
GlobalSize
GetVersionExW
SetLastError
CreateThread
ResumeThread
WaitForMultipleObjects
GetCommModemStatus
ClearCommError
ReadFile
WriteFile
GetOverlappedResult
GetCommMask
GetCommTimeouts
SetCommTimeouts
WaitCommEvent
WaitForSingleObject
CancelIo
SetEvent
SetCommMask
GetCommState
SetCommState
CreateEventW
SetupComm
HeapFree
GetLocalTime
DeleteFileW
PurgeComm
GetTickCount
UnmapViewOfFile
GetFileAttributesW
SetFileAttributesW
CreateFileW
CreateFileMappingW
CloseHandle
MapViewOfFile
RaiseException
lstrcmpiW
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetModuleHandleW
DeleteCriticalSection
CreateMutexW
GetLastError
GetCurrentDirectoryW
GetSystemDirectoryW
LoadLibraryW
FreeLibrary
GetProcAddress
MulDiv
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
Sleep
FormatMessageW
GetProcessHeap
HeapAlloc
InterlockedDecrement
InterlockedIncrement
EnumSystemLocalesW
GetModuleFileNameW
WideCharToMultiByte
lstrlenW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetEnvironmentStrings
user32
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
PostThreadMessageW
GetTabbedTextExtentW
DestroyIcon
WaitMessage
DeleteMenu
GetDialogBaseUnits
GetSysColorBrush
DestroyMenu
GetMenuItemInfoW
MsgWaitForMultipleObjects
MapVirtualKeyW
GetKeyNameTextW
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
ShowOwnedPopups
GetMessageW
ValidateRect
PostQuitMessage
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
SetMenu
RemoveMenu
GetWindowThreadProcessId
IsWindowEnabled
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
ScrollWindow
InvalidateRect
SendMessageW
MessageBoxA
wsprintfA
UnregisterClassA
GetWindowRect
EnableWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
BringWindowToTop
InsertMenuItemW
LoadAcceleratorsW
LoadMenuW
ReuseDDElParam
UnpackDDElParam
SetParent
UnionRect
GetDCEx
LockWindowUpdate
InsertMenuW
EnumChildWindows
GetClassNameW
GetQueueStatus
SetWindowPos
EqualRect
UpdateWindow
IsWindowVisible
GetParent
GetWindowLongW
PostMessageW
SetTimer
KillTimer
RedrawWindow
MessageBoxW
ReleaseDC
GetDC
SetDlgItemInt
PtInRect
SetRectEmpty
CharNextW
AppendMenuW
GetSystemMenu
GetClientRect
LoadIconW
DrawIconEx
LoadImageW
ReleaseCapture
DrawTextW
CreatePopupMenu
CheckMenuRadioItem
ClientToScreen
SetCapture
GetSysColor
SetCursor
MessageBeep
RegisterWindowMessageW
SetRect
InflateRect
FillRect
FrameRect
DrawEdge
LoadCursorW
SystemParametersInfoW
IsWindow
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
CallWindowProcW
SetWindowLongW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
CopyIcon
DestroyCursor
TranslateMessage
DispatchMessageW
DrawFrameControl
WindowFromPoint
IsRectEmpty
CopyRect
GetDoubleClickTime
GetFocus
GetCapture
ScreenToClient
GrayStringW
DrawTextExW
TabbedTextOutW
InvertRect
OffsetRect
ClipCursor
IntersectRect
GetMessagePos
GetSystemMetrics
IsClipboardFormatAvailable
GetCursorPos
GetKeyState
GetClassInfoW
DefWindowProcW
gdi32
CombineRgn
DPtoLP
SetAbortProc
SetRectRgn
GetTextColor
GetRgnBox
CreateRectRgnIndirect
CreateHatchBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
GetCharWidthW
CreateCompatibleBitmap
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
CreateDCW
CopyMetaFileW
SetBkColor
GetClipBox
GetDCOrgEx
PatBlt
AbortDoc
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
CreateFontW
GetCurrentObject
SetTextColor
SelectObject
DeleteObject
EndDoc
EndPage
StartPage
StartDocW
BitBlt
Rectangle
CreateFontIndirectW
CreatePen
DeleteDC
GetTextExtentPointW
GetTextMetricsW
GetTextExtentPoint32W
GetMapMode
GetDeviceCaps
CreateCompatibleDC
CreatePalette
CreateSolidBrush
CreateBrushIndirect
StretchDIBits
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetSystemPaletteEntries
GetObjectW
ScaleWindowExtEx
comdlg32
GetFileTitleW
winspool.drv
GetJobW
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
SetFileSecurityW
RegCreateKeyW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
GetFileSecurityW
shell32
SHGetFileInfoW
ExtractIconW
DragFinish
DragQueryFileW
ShellExecuteW
shlwapi
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW
PathStripToRootW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
StringFromGUID2
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
CoTreatAsClass
StringFromCLSID
ReleaseStgMedium
CreateBindCtx
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CLSIDFromProgID
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
OleRun
CLSIDFromString
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CoGetClassObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoDisconnectObject
ReadClassStg
oleaut32
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayPtrOfIndex
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
CreateErrorInfo
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VarDateFromStr
VariantChangeType
VariantCopy
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
VariantClear
VariantInit
DispCallFunc
VarBstrFromDate
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocString
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysReAllocStringLen
SysFreeString
GetErrorInfo
SetErrorInfo
gdiplus
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipCreatePen1
GdipDeletePen
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipDrawEllipse
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipSetPenWidth
GdipSetPenDashStyle
GdipSetPenDashArray
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetPageUnit
GdipDrawLine
GdipDrawRectangle
GdipFillRectangle
GdipDrawString
GdiplusStartup
GdiplusShutdown
GdipCreateSolidFill
odbc32
ord4
ord117
ord141
ord110
ord2
ord1
ord23
ord15
ord9
ord14
ord3
ord61
ord16
ord20
ord108
ord48
ord49
ord111
ord119
ord12
ord46
ord18
ord13
ord59
ord43
ord68
ord44
ord145
ord150
ord51
ord5
ord72
winmm
timeKillEvent
timeEndPeriod
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 672KB - Virtual size: 668KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 144KB - Virtual size: 241KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ