2024-01-09_afb600f113035ad2204b006c698dcae1_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-09_afb600f113035ad2204b006c698dcae1_icedid
Size

2.6MB
MD5

afb600f113035ad2204b006c698dcae1
SHA1

48c96b9a8582749b2e3b0f67d8489ccf4971c829
SHA256

dd59192f880d329dea25b3c008f0fbaab69a1de2971eb7f6547994b59c4df6da
SHA512

a27e1a0aa40914e7d63f9fdee9935f0ae056355ce905e0dfa43ab08bf14121d52cfdb9fa9f4f20b605f74ea9a11e927dc2f3d36e20db0fdabe9f21bdb9b351e1
SSDEEP

24576:NK2nmECWMuZFivtrl9z3qR/3IVnvn+LhBK3PoxkfwYGSS3oT3dMd8nJp9XG5qZ9r:Nif2ivtfz3zT9Hti+W8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-09_afb600f113035ad2204b006c698dcae1_icedid

Files

2024-01-09_afb600f113035ad2204b006c698dcae1_icedid
.exe windows:4 windows x86 arch:x86

8ad6125f0200be0f54a0f33c076d57e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

SetErrorMode
GetStartupInfoW
RtlUnwind
HeapReAlloc
GetSystemTimeAsFileTime
DeleteFileA
ExitThread
TerminateProcess
HeapSize
VirtualAlloc
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
GetFullPathNameW
VirtualFree
QueryPerformanceCounter
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetOEMCP
GetCPInfo
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
CreateFileA
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
RaiseException
ReleaseMutex
CreateMutexW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
FileTimeToLocalFileTime
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
lstrcatW
GetVersionExA
GlobalFree
FreeResource
FileTimeToSystemTime
SystemTimeToFileTime
GetCurrentDirectoryW
FlushInstructionCache
VirtualProtect
GetSystemInfo
GetModuleHandleA
GetCurrentProcessId
ExitProcess
GetModuleFileNameA
lstrcmpiA
WriteProcessMemory
VirtualQuery
LoadLibraryW
GetTickCount
MulDiv
CreateThread
SetEvent
CreateEventW
GetSystemTime
GlobalAlloc
GlobalLock
GlobalUnlock
FreeLibrary
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetTempFileNameW
lstrlenW
GetProcAddress
lstrcmpW
lstrcpynW
GetCurrentThreadId
lstrcmpiW
lstrcpyW
WaitForSingleObject
DeleteCriticalSection
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetVersion
IsBadReadPtr
FormatMessageW
SetFilePointerEx
BackupWrite
OutputDebugStringW
SetFileTime
LocalFree
GetFileTime
GetLogicalDriveStringsW
IsBadWritePtr
GetModuleHandleW
MultiByteToWideChar
SetLastError
WideCharToMultiByte
GetDriveTypeW
Sleep
FindNextFileW
FindClose
SetFilePointer
FlushFileBuffers
ReadFile
FindFirstFileW
CompareFileTime
WritePrivateProfileStringW
DeviceIoControl
GetModuleFileNameW
GetPrivateProfileStringW
GetTempPathW
FindResourceW
LoadResource
LockResource
SizeofResource
WriteFile
GetCurrentProcess
GetLastError
RemoveDirectoryW
SetFileAttributesW
CreateFileW
GetFileSizeEx
CloseHandle
GetWindowsDirectoryW
GetDiskFreeSpaceExW
SuspendThread
ResumeThread
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapCreate

user32

EndDialog
wvsprintfW
CreateIconIndirect
DrawTextExW
GetCapture
MessageBoxA
GetMessagePos
CopyRect
GetMenuItemID
GetSubMenu
DestroyCursor
CopyIcon
CharUpperW
CharLowerW
LoadImageW
ValidateRect
DrawIcon
IntersectRect
GetWindowWord
SetRect
GetFocus
SetFocus
DrawFrameControl
DestroyIcon
IsMenu
DrawMenuBar
EqualRect
FindWindowW
SubtractRect
GetWindowPlacement
IsWindowEnabled
SetScrollRange
SetScrollInfo
ShowScrollBar
SetScrollPos
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
DrawEdge
SetForegroundWindow
IsWindowVisible
UpdateWindow
SetCapture
ReleaseCapture
LoadCursorW
RegisterClassExW
PtInRect
GetNextDlgTabItem
GetIconInfo
GetDC
BeginPaint
EndPaint
CreateWindowExW
UnregisterClassW
SetPropW
SetWindowRgn
RemovePropW
GetMenu
SetMenu
GetWindow
GetWindowInfo
CallWindowProcW
PostMessageW
ReleaseDC
GetWindowDC
DefWindowProcW
CharUpperBuffA
LockWindowUpdate
GetSystemMenu
IsZoomed
IsIconic
EnableMenuItem
GetCursorPos
DestroyMenu
InflateRect
OffsetRect
DrawTextW
GetClassLongW
DrawIconEx
ClientToScreen
ScreenToClient
IsRectEmpty
GetMenuItemCount
CreatePopupMenu
InsertMenuItemW
GetMenuItemInfoW
FillRect
SetActiveWindow
SystemParametersInfoA
GetDlgCtrlID
RegisterClassW
GetClassInfoW
GetSystemMetrics
GetKeyState
UnhookWindowsHookEx
GetSysColorBrush
GetSysColor
SetWindowsHookExW
GetParent
GetActiveWindow
GetClassNameW
GetPropW
GetMenuState
AdjustWindowRectEx
PeekMessageW
GetMessageTime
GetTopWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextLengthW
SendDlgItemMessageA
SendDlgItemMessageW
GetClassInfoExW
WinHelpW
RegisterWindowMessageW
SetDlgItemTextW
LoadBitmapW
GetMenuCheckMarkDimensions
CheckMenuItem
ModifyMenuW
SetMenuItemBitmaps
TabbedTextOutW
GrayStringW
CallNextHookEx
LoadStringW
wsprintfW
DestroyWindow
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
GetDesktopWindow
GetWindowTextW
ShowWindow
GetDlgItem
SetWindowPos
IsWindow
SetParent
CreateDialogIndirectParamW
SetWindowTextW
EnumChildWindows
GetWindowLongW
SetWindowLongW
GetClientRect
GetWindowRect
MapWindowPoints
MoveWindow
InvalidateRect
RedrawWindow
MessageBoxW
KillTimer
SetTimer
EnableWindow
LoadIconW
SendMessageW
DrawStateW
SetCursor

gdi32

IntersectClipRect
GetRgnBox
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
LineTo
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
PtVisible
SetMapMode
ExtTextOutW
CreatePatternBrush
SetBrushOrgEx
PatBlt
UnrealizeObject
GetTextMetricsW
PtInRegion
TextOutW
GetTextExtentPoint32W
GetClipRgn
GetPixel
ExcludeClipRect
CreatePen
CreateSolidBrush
OffsetRgn
ExtCreateRegion
GetRegionData
ExtSelectClipRgn
SetDIBitsToDevice
SetStretchBltMode
StretchDIBits
RectVisible
CreateDIBSection
CreateDIBitmap
GetTextExtentPointW
GetStockObject
CreateFontIndirectW
SaveDC
SetBkMode
RestoreDC
Polygon
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
SelectPalette
RealizePalette
BitBlt
CreateBitmap
SetBkColor
SetTextColor
GetObjectW
CreateICW
GetDIBits
DeleteDC
CreateRectRgn
CombineRgn
CreateRectRgnIndirect
DeleteObject
MoveToEx

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegUnLoadKeyW
RegLoadKeyW
GetUserNameW
SetFileSecurityW
LookupAccountSidW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueW
GetTokenInformation
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
IsTextUnicode
WriteEncryptedFileRaw
EncryptFileW
OpenEncryptedFileRawW
CloseEncryptedFileRaw
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorOwner

shell32

SHGetSpecialFolderPathW
ExtractIconExW
SHCreateDirectoryExW

comctl32

ord17
_TrackMouseEvent
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Draw
ImageList_GetIcon
ImageList_Destroy
ImageList_GetImageCount

shlwapi

PathCompactPathW
PathRemoveFileSpecW
PathIsDirectoryW
PathFindExtensionW
PathFileExistsW
StrFormatByteSizeW
PathStripToRootW
PathFindFileNameW

imagehlp

ImageDirectoryEntryToData

msvcr71

malloc
free

ole32

CoInitialize
CoCreateInstance

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 596KB - Virtual size: 593KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ad6125f0200be0f54a0f33c076d57e8

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

imagehlp

msvcr71

ole32

oleaut32

Sections

.text Size: 596KB - Virtual size: 593KB

.rdata Size: 120KB - Virtual size: 118KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 596KB - Virtual size: 593KB

.rdata
Size: 120KB - Virtual size: 118KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB