2024-01-09_241b12cbd12435b169684331a674351d_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-09_241b12cbd12435b169684331a674351d_icedid
Size

396KB
MD5

241b12cbd12435b169684331a674351d
SHA1

eef25190b3a48ac308612e5f666d36967dd62e90
SHA256

f48a1f80ade34b6879e5144b2aa4c71b739eb273639c55b1d69b0bc940427e4b
SHA512

50b966b013b667426b8b5238ff0136f02123ddb0ceb9d2e824f7cf8883aad19ee5c44a2f69ebedf520477bf296daf8983aef15fb14ac62d72003eb62d4e06cb6
SSDEEP

6144:06BaWnVS3xfuTAB0tbqd/8BKbRSkEzQx/uoEYSy2Rp2Co7t:06BdShwtbqd/hbzx/jVSy2Rpyt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-09_241b12cbd12435b169684331a674351d_icedid

Files

2024-01-09_241b12cbd12435b169684331a674351d_icedid
.exe windows:4 windows x86 arch:x86

453a08e5e311187977df1191ab0259b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA
UuidFromStringA
UuidCreate

kernel32

VirtualAlloc
RtlUnwind
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
IsBadReadPtr
HeapReAlloc
HeapFree
HeapAlloc
GetFileTime
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
FileTimeToSystemTime
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
lstrcmpA
FreeLibrary
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
SetLastError
GetVersionExA
GetTickCount
Sleep
FindClose
GetFileAttributesA
CreateFileA
GetFileSize
CloseHandle
GetCurrentThreadId
GetModuleFileNameA
FindFirstFileA
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
QueryPerformanceCounter

user32

SetWindowTextA
TabbedTextOutA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
DestroyMenu
GetSysColorBrush
UnregisterClassA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextA
GetLastActivePopup
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
IsWindowVisible
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
AdjustWindowRectEx
IsDialogMessageA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
GetWindow
UnhookWindowsHookEx
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SystemParametersInfoA
DrawFrameControl
DrawEdge
GetKeyState
GetTabbedTextExtentA
SetCursorPos
FrameRect
DrawTextA
IntersectRect
InflateRect
PtInRect
IsRectEmpty
FindWindowA
SendMessageTimeoutA
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
IsIconic
ShowWindow
WaitForInputIdle
SetFocus
MessageBoxA
PostQuitMessage
PostMessageA
CopyRect
RegisterWindowMessageA
GetSysColor
LoadImageA
LoadCursorFromFileA
DestroyCursor
IsWindow
SetCursor
GetCursorPos
GetCursor
ShowCursor
GetForegroundWindow
KillTimer
SetTimer
InvalidateRect
UpdateWindow
ReleaseDC
GetDC
ScreenToClient
GetClientRect
GetWindowRect
SetWindowRgn
IsZoomed
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
GetSystemMenu
SendMessageA
ModifyMenuA
AppendMenuA
FillRect
GetSystemMetrics
OffsetRect
EnableWindow
LoadIconA
RegisterClassA
LoadCursorA
CharUpperA
GetWindowPlacement

gdi32

GetObjectA
GetPixel
SetPixel
StretchDIBits
SetStretchBltMode
Rectangle
RoundRect
Ellipse
RealizePalette
SelectPalette
SetTextColor
SetBkColor
SetBkMode
DeleteDC
GetTextExtentPoint32A
GetTextMetricsA
GetDeviceCaps
GetClipBox
CreateBitmap
SaveDC
RestoreDC
SetMapMode
DeleteObject
LineTo
MoveToEx
CreateFontIndirectA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
CreatePen
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetPaletteEntries
CombineRgn
CreateRectRgn
UpdateColors
CreateRoundRectRgn
CreateEllipticRgnIndirect
CreateSolidBrush
GetDIBColorTable
CreatePalette
CreateHalftonePalette
CreateBrushIndirect

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteExA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

winmm

PlaySoundA

Sections

.text
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

453a08e5e311187977df1191ab0259b8

Headers

File Characteristics

Imports

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

winmm

Sections

.text Size: 264KB - Virtual size: 261KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 60KB - Virtual size: 97KB

.text
Size: 264KB - Virtual size: 261KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 60KB - Virtual size: 97KB