2024-01-08_4c432b841b724d52a5b2ad01ce5af0db_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-08_4c432b841b724d52a5b2ad01ce5af0db_icedid
Size

3.1MB
MD5

4c432b841b724d52a5b2ad01ce5af0db
SHA1

db738bb968e50cd64c91ebbbf5b6de692d0026df
SHA256

2448452f7bcb7d570fe3fef3189a1f9acc95fd72ee1e78684d278248fa72ce75
SHA512

6e9d714b7123e0f5d242780157f316c3c6812a8e2587bca390100de1d18648c1a8c960d62a730d002b269535ffcc451a573d21c1d4aa8232dda738dd72ae9cbb
SSDEEP

98304:Vo1wd7/p07KlE0rNZt9LEZqxn51KgLWZ0jNaq:Vo1wdl07KloqTPjNaq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-08_4c432b841b724d52a5b2ad01ce5af0db_icedid

Files

2024-01-08_4c432b841b724d52a5b2ad01ce5af0db_icedid
.exe windows:6 windows x86 arch:x86

8b11f636b4cd53668d146d8eb15b0ef8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recvfrom
sendto
send
__WSAFDIsSet
select
ioctlsocket
accept
bind
WSAIoctl
listen
WSACleanup
WSAStartup
gethostname
getaddrinfo
closesocket
WSASetLastError
getpeername
getsockname
WSAGetLastError
socket
ntohs
connect
recv
getsockopt
htons
setsockopt
freeaddrinfo

wldap32

ord30
ord35
ord50
ord32
ord27
ord143
ord211
ord301
ord22
ord46
ord26
ord60
ord200
ord79
ord33
ord41

netapi32

Netbios

kernel32

GetFileTime
SystemTimeToTzSpecificLocalTime
GetACP
FindResourceExW
GetWindowsDirectoryA
GetOEMCP
VerifyVersionInfoA
GetTempPathA
GetProfileIntA
SearchPathA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
VirtualProtect
GetUserDefaultUILanguage
GlobalFlags
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
FileTimeToSystemTime
GlobalGetAtomNameA
lstrcmpA
CompareStringA
ResumeThread
SetThreadPriority
SetEvent
MultiByteToWideChar
MulDiv
GlobalSize
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
GetFileSizeEx
LocalReAlloc
GlobalFree
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
OutputDebugStringA
LocalUnlock
LocalFree
GetCurrentThreadId
LocalAlloc
LocalLock
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
CreateProcessA
GetStartupInfoA
GetProcessTimes
GlobalUnlock
SetThreadContext
GetFileAttributesExA
GetTempFileNameA
lstrcmpiA
GlobalLock
Beep
GetThreadContext
GlobalAlloc
DeleteFileA
GetCurrentThread
CopyFileA
OpenProcess
GetVolumeInformationA
FindClose
WriteFile
GetCurrentProcess
CompareFileTime
GetModuleFileNameA
lstrcpyA
CreateFileA
GetModuleHandleA
lstrlenA
CreateThread
ExitThread
GetCurrentDirectoryA
GetTickCount
GetFileType
FreeLibrary
GetProcAddress
LoadLibraryA
PeekNamedPipe
WaitForMultipleObjects
GetStdHandle
ReadFile
FormatMessageA
Sleep
ExpandEnvironmentStringsA
CloseHandle
WaitForSingleObject
SleepEx
GetVersionExA
DeleteCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
FindNextFileA
FindFirstFileA
GetFileAttributesA
FileTimeToLocalFileTime
GetCurrentProcessId
GetCPInfo
OutputDebugStringW
RtlUnwind
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
FreeLibraryAndExitThread
GetModuleHandleExW
SetFilePointerEx
ExitProcess
QueryPerformanceFrequency
GetSystemInfo
VirtualAlloc
VirtualQuery
HeapQueryInformation
GetCommandLineA
GetCommandLineW
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetCurrentDirectoryW
GetFullPathNameW
GetStringTypeW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
VerSetConditionMask
WriteConsoleW

user32

TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
InsertMenuItemA
LoadMenuA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongA
DrawStateA
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextA
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
DeleteMenu
SetCursor
ShowOwnedPopups
LoadImageW
TrackMouseEvent
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
CopyImage
InflateRect
GetMenuItemInfoA
DestroyMenu
GrayStringA
DrawTextExA
DrawTextA
RealChildWindowFromPoint
CharUpperA
DestroyIcon
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
LoadIconW
GetTopWindow
GetClassLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
RemovePropA
DefMDIChildProcA
SetPropA
ShowScrollBar
GetScrollPos
RedrawWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
IsChild
IsMenu
GetClassInfoExA
GetClassInfoA
CallWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetWindowTextLengthA
GetSysColorBrush
CallNextHookEx
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemID
GetSubMenu
GetMenuStringA
GetLastActivePopup
IsWindowEnabled
FillRect
GetScrollRange
GetSysColor
TabbedTextOutA
SetScrollRange
SetScrollPos
ScrollWindow
UpdateWindow
InvalidateRect
BeginPaint
EndPaint
GetWindowThreadProcessId
GetMenuState
UnregisterHotKey
GetWindow
LoadCursorA
DestroyWindow
keybd_event
GetMenuItemCount
EnumChildWindows
PostMessageA
DialogBoxParamA
DefFrameProcA
VkKeyScanA
OpenClipboard
TranslateAcceleratorA
CloseClipboard
EmptyClipboard
ChangeDisplaySettingsA
LoadAcceleratorsA
SetWindowPlacement
MapVirtualKeyA
RegisterHotKey
EnumDisplaySettingsA
MoveWindow
EnumWindows
SetFocus
BringWindowToTop
GetWindowDC
SetClipboardData
CreateDialogParamA
LoadIconA
SystemParametersInfoA
KillTimer
GetDesktopWindow
SetForegroundWindow
IsIconic
SetCursorPos
GetCursorPos
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetComboBoxInfo
ReuseDDElParam
GetPropA
UnpackDDElParam
GetGUIThreadInfo
SendInput
EnableWindow
LoadImageA
GetWindowRect
ClientToScreen
GetClientRect
GetDC
LoadStringA
GetSystemMetrics
GetClassNameA
GetWindowPlacement
wsprintfA
GetWindowTextA
wvsprintfA
SetWindowTextA
MessageBoxA
GetMessageA
DispatchMessageA
IsWindow
SetWindowLongA
SetWindowsHookExA
RegisterClassA
UnhookWindowsHookEx
DefWindowProcA
CreateWindowExA
TranslateMessage
PostQuitMessage
SetTimer
ReleaseDC
GetMenu
EndDialog
ShowWindow
GetWindowLongA
SendMessageA
DrawMenuBar
GetDlgItem
GetParent
ModifyMenuA
SetScrollInfo

gdi32

ScaleWindowExtEx
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
SaveDC
SelectClipRgn
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
ScaleViewportExtEx
SetWindowExtEx
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
GetLayout
SetLayout
SetMapMode
OffsetWindowOrgEx
OffsetViewportOrgEx
OffsetRgn
SetWindowOrgEx
SetBkMode
PtVisible
SetViewportOrgEx
SetViewportExtEx
RectVisible
ExtTextOutA
TextOutA
MoveToEx
SetTextAlign
SetROP2
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
CreateDCA
CopyMetaFileA
SetTextColor
SetBkColor
CreateSolidBrush
GetTextMetricsA
GetTextExtentPointA
BitBlt
CreateCompatibleBitmap
CreateDIBSection
GetDeviceCaps
SelectObject
CreateCompatibleDC
DeleteDC
DeleteObject
SelectPalette
GetStockObject
SetPixel
CreateFontIndirectA
GetObjectA
GetPixel
ExtSelectClipRgn
SetPolyFillMode

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetOpenFileNameA
ChooseFontA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext

shell32

SHGetSpecialFolderPathA
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetDesktopFolder

shlwapi

PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindFileNameA

uxtheme

GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
DrawThemeBackground

ole32

RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
OleGetClipboard
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoDisconnectObject
DoDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoLockObjectExternal

oleaut32

SysFreeString
SysAllocString
VariantInit
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
LoadTypeLi
SysAllocStringByteLen
SysStringLen

gdiplus

GdipDrawImageRectI
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipSetInterpolationMode

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b11f636b4cd53668d146d8eb15b0ef8

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wldap32

netapi32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 496KB - Virtual size: 495KB

.data Size: 25KB - Virtual size: 59KB

.rsrc Size: 199KB - Virtual size: 198KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 496KB - Virtual size: 495KB

.data
Size: 25KB - Virtual size: 59KB

.rsrc
Size: 199KB - Virtual size: 198KB