2024-01-09_baf0676e7f4927b8cf5e2d129cad22cd_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-09_baf0676e7f4927b8cf5e2d129cad22cd_icedid
Size

291KB
MD5

baf0676e7f4927b8cf5e2d129cad22cd
SHA1

111ff0345a221c6bdf3823545874f94276f2a2f6
SHA256

2eb839862fc79a713d3dc7b0009493cc8d7431092c01eb3ad86222d6423d813c
SHA512

78518bc91069cbbc97574f9c87c55015cf92de1134d2a03c1868def5089227d402d31d837e27ca8c168759caa8f4608448fe02f98cffd365b8be8c7326ba734b
SSDEEP

6144:gDnn8P17Z0PjWlMqG3NiZhxuKqT6EIlAI+W36:w+iWi3NiZqKqTwlr36

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-09_baf0676e7f4927b8cf5e2d129cad22cd_icedid

Files

2024-01-09_baf0676e7f4927b8cf5e2d129cad22cd_icedid
.exe windows:5 windows x86 arch:x86

0e8fae08bc5474d2882fbf54f8564a81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
VirtualAlloc
HeapReAlloc
ExitProcess
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
GetModuleHandleW
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetCurrentProcessId
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
SetThreadPriority
FreeResource
WritePrivateProfileStringA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleA
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
GetExitCodeProcess
CreateProcessA
GetTempPathA
Sleep
GetExitCodeThread
ResumeThread
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
WaitForSingleObject
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetVersionExA
LCMapStringA
GetProcessHeap

user32

GetSysColorBrush
CharUpperA
ShowWindow
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
UnregisterClassA
DestroyMenu
GetClassInfoA
LoadCursorA
PeekMessageA
DispatchMessageA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
InvalidateRect
wsprintfA
LoadImageA
IsWindow
DrawIcon
GetClientRect
GetSysColor
IsIconic
GetWindowRect
GetDesktopWindow
GetSystemMetrics
SendMessageA
LoadIconA
EnableWindow
PostMessageA
SetWindowTextA
SetWindowTextW
LoadStringW
MessageBoxW
SetWindowLongA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
SelectPalette
SetViewportExtEx
CreateSolidBrush
ScaleViewportExtEx
DeleteObject
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
PatBlt
GetDeviceCaps
CreateFontIndirectA
GetObjectA
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
BitBlt
CreateBitmap
GetStockObject
StretchBlt
CreateCompatibleDC
RealizePalette

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
SHGetFolderPathA

comctl32

ord17

shlwapi

PathRemoveFileSpecA
StrFormatByteSizeW
PathCombineA
PathFindExtensionA
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

wsock32

WSAStartup
WSASetLastError
WSACleanup

wininet

InternetConnectA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetCrackUrlA

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e8fae08bc5474d2882fbf54f8564a81

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

wsock32

wininet

Sections

.text Size: 181KB - Virtual size: 181KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 9KB - Virtual size: 23KB

.rsrc Size: 54KB - Virtual size: 54KB

.text
Size: 181KB - Virtual size: 181KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 9KB - Virtual size: 23KB

.rsrc
Size: 54KB - Virtual size: 54KB