Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-09_c27cc1a1f137b5da52f803c1147afdb2_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-09_c27cc1a1f137b5da52f803c1147afdb2_icedid.exe
  Resource: win10v2004-20231222-en
General
Target: 2024-01-09_c27cc1a1f137b5da52f803c1147afdb2_icedid
Size: 420KB
MD5: c27cc1a1f137b5da52f803c1147afdb2
SHA1: 56d09dfe06e63dd7089afe9f8acf91dbc83c6b4c
SHA256: 56a8a52c24b2085bf6c86793c9900c283c3df046a9f9b533ced84e56798ed679
SHA512: dc6a6d25c7f26c62c3d978bbeb4e5a09a036e0967735ae8eae6f4c61346a5ec66d7beb80492abd18ef51c3e19b0627da74259c419a925c6fc57bb602a4ab283e
SSDEEP: 6144:CupfJfB2oIcewxLmnjJixPUdgoYk8R0NFdLI1EeWHQkZwEfATfUCGVD3VVeeSkPQ:npfJJ2oJeaLmjYPUdLMccicGRPbQ
Malware Config
No extracted configuration is listed for this sample.
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2024-01-09_c27cc1a1f137b5da52f803c1147afdb2_icedid
This is the only signature the report records, and it tests only whether the PE carries a certificate table at all (not whether any signature would verify). Unsigned binaries are also common among legitimate software, so on its own this is a weak indicator; no behavioral results appear on this page for either sandbox run.
Files
2024-01-09_c27cc1a1f137b5da52f803c1147afdb2_icedid.exe   windows:4 windows x86 arch:x86
ca181d322fc0232dd98ed50e64b0df33   (32-hex-digit value printed by the report without a label; it is not the file MD5 given above, so it is a digest of something other than the whole file)
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL is not set, so this is a standalone 32-bit executable. With relocations stripped the image cannot be rebased by the loader, so it gets no benefit from ASLR and must load at its preferred base; this is typical of older linker output rather than a deliberate choice.
Imports
The import profile below (oledlg ord8, comctl32 ord17, a large user32/gdi32/ole32/oleaut32 surface, winmm wave*/mmio* audio routines and ordinal imports from ijl15, the Intel JPEG Library) is consistent with an MFC-style GUI application linked against audio and imaging libraries. All of these are static imports, so the list describes what the on-disk code calls; a packed or obfuscated stub would typically expose little beyond LoadLibraryA/GetProcAddress and resolve the rest at run time.
ijl15
ord2
ord4
ord3
winmm
waveOutOpen
waveOutGetErrorTextA
waveOutPrepareHeader
waveOutWrite
mmioClose
mmioAscend
mmioWrite
mmioRead
mmioCreateChunk
mmioOpenA
mmioDescend
mmioSeek
waveInStart
waveInOpen
waveInClose
waveInReset
waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
waveInGetErrorTextA
waveOutUnprepareHeader
waveOutReset
waveOutClose
waveOutGetPosition
kernel32
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
InterlockedIncrement
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
GetTickCount
TlsGetValue
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
ExitThread
CreateThread
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
ReleaseSemaphore
CreateSemaphoreA
SuspendThread
ResumeThread
SetThreadPriority
FreeResource
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GlobalGetAtomNameA
GlobalAddAtomA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrcmpA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
lstrcpynA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
DeleteFileA
MoveFileA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThreadId
lstrlenA
lstrcmpiA
GetStringTypeExA
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
AllocConsole
GetStdHandle
Sleep
WaitForSingleObject
ResetEvent
SetEvent
CreateFileA
CreateEventA
ReadFile
GetLastError
GetOverlappedResult
SetFilePointer
CloseHandle
QueryPerformanceFrequency
GetLocalTime
QueryPerformanceCounter
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetSystemTime
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
user32
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetSysColorBrush
InflateRect
GetMenuItemInfoA
GetDCEx
LockWindowUpdate
DestroyIcon
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
RegisterClipboardFormatA
SetCapture
SetWindowRgn
DrawIcon
FindWindowA
FillRect
LoadCursorA
DestroyCursor
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
WindowFromPoint
ClientToScreen
SetRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
IsZoomed
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
PtInRect
RegisterWindowMessageA
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconA
GetClassInfoA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
ShowWindow
GetWindowLongA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
TranslateAcceleratorA
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
wsprintfA
GetSystemMetrics
UnregisterClassA
PostQuitMessage
CharUpperA
SendMessageA
ChildWindowFromPoint
SetTimer
MapWindowPoints
KillTimer
EnableWindow
UpdateWindow
GetDC
GetClientRect
ReleaseDC
GetWindowRect
gdi32
GetCharWidthA
GetBkColor
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
StretchDIBits
CreateFontIndirectA
SetRectRgn
CombineRgn
GetMapMode
GetTextColor
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CreateRectRgnIndirect
Ellipse
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
GetTextExtentPoint32A
GetTextMetricsA
CreateBitmap
GetObjectA
SetBkColor
GetClipBox
CreateCompatibleBitmap
CreateDCA
GetDeviceCaps
CreateCompatibleDC
SelectObject
SetStretchBltMode
MoveToEx
EndPage
StartPage
StartDocA
GetStockObject
PatBlt
LineTo
SetBkMode
SetTextColor
TextOutA
StretchBlt
DeleteDC
DeleteObject
CreateDIBSection
CreateFontA
CreateSolidBrush
CreatePen
Rectangle
DPtoLP
GetViewportOrgEx
SetTextAlign
comdlg32
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
PrintDlgA
winspool.drv
DocumentPropertiesA
GetJobA
ClosePrinter
OpenPrinterA
advapi32
GetFileSecurityA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
SetFileSecurityA
shell32
SHGetFileInfoA
DragFinish
ExtractIconA
DragQueryFileA
comctl32
ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy
shlwapi
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveExtensionA
oledlg
ord8
ole32
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
oleaut32
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
SysFreeString
OleCreateFontIndirect
SysAllocString
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
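The Files row above carries a second 32-hex-digit value with no label. An import hash (imphash), the MD5 of the normalised import list, is the kind of value that appears there, and it is how static triage clusters samples that share a linker and import layout regardless of string or resource changes. The example below is added here and is not part of the report or of any sandbox tooling; it implements the normalisation rules pefile uses (lowercase, strip .dll/.ocx/.sys, ordinals as ordN) over a hand-built excerpt of the table above. Because the excerpt is partial and the report's display order is not guaranteed to be on-disk import-directory order, its output is illustrative and will not equal the sample's real imphash.

```python
import hashlib

# Constructed excerpt of the import table shown in the report above. It is not the full
# table and not necessarily in on-disk order, so its hash is for illustration only.
SAMPLE_IMPORTS = [
    ("ijl15", "ord2"), ("ijl15", "ord4"), ("ijl15", "ord3"),
    ("winmm", "waveOutOpen"), ("winmm", "mmioOpenA"),
    ("kernel32", "TlsAlloc"), ("kernel32", "VirtualProtect"),
    ("winspool.drv", "OpenPrinterA"),
    ("oledlg", "ord8"),
]

STRIP_EXTENSIONS = (".dll", ".ocx", ".sys")  # the only suffixes pefile removes from a module name


def normalise(dll, func):
    """One import as pefile renders it for hashing: 'lib.func', lowercase, ordinals as 'ordN'.

    pefile resolves ordinals to names only for ws2_32, wsock32 and oleaut32 via lookup
    tables; this example keeps the plain 'ordN' form for every module (assumption: that
    matches pefile here, since none of those three modules is imported by ordinal).
    """
    lib = dll.lower()
    for ext in STRIP_EXTENSIONS:
        if lib.endswith(ext):
            lib = lib[: -len(ext)]
            break
    name = "ord%d" % func if isinstance(func, int) else func.lower()
    return "%s.%s" % (lib, name)


def import_string(imports):
    """The comma-joined, order-preserving string that is actually hashed."""
    return ",".join(normalise(dll, func) for dll, func in imports)


def imphash(imports):
    """MD5 hex digest of import_string(); empty string when there are no imports."""
    text = import_string(imports)
    return hashlib.md5(text.encode("ascii")).hexdigest() if text else ""


if __name__ == "__main__":
    print(import_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Two properties matter when comparing against a reported value: the hash is order-sensitive (two tables with the same entries in a different order hash differently), and `winspool.drv` keeps its extension because only .dll, .ocx and .sys are stripped, so a hand-rolled variant that strips every extension will silently disagree with pefile-derived values.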
Sections
.text   raw 296KB, virtual 294KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  raw 76KB,  virtual 75KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   raw 12KB,  virtual 119KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   raw 32KB,  virtual 28KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
The four raw sizes sum to 416KB, which together with the headers accounts for the 420KB file size. The .text section is almost the same size on disk and in memory and no section is both writable and executable, so the code the imports describe is present unpacked on disk rather than being a small stub that decompresses at run time. The .data virtual size exceeding its raw size is the usual uninitialised-global (BSS) region and is not a packing indicator on its own; the same gap in a code section would be.
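The Headers, Sections and Unsigned PE fields above all come from a few fixed-offset structures at the start of the file. The following script is an added example, not part of the report or of the sandbox that produced it; it reproduces those checks with only the Python standard library (no pefile) and runs on a small constructed PE32 image, not on the sample above. Beyond what the report prints, it also flags whether a code section grows at load time (a packer tell) and whether the image can actually be randomised, which needs both DYNAMIC_BASE set and relocations present.

```python
import struct

# IMAGE_FILE_HEADER.Characteristics bits, named as the report prints them
FILE_FLAGS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
# IMAGE_SECTION_HEADER.Characteristics bits
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
DLL_DYNAMIC_BASE = 0x0040  # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in)
DIR_SECURITY = 4           # IMAGE_DIRECTORY_ENTRY_SECURITY (Authenticode certificate table)


def flag_names(value, table):
    """Decode a bitmask into flag names, lowest bit first (the order the report uses)."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse the COFF/optional headers and section table of a PE32 or PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe + 4
    machine, n_sections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, DataDirectory at +96
        n_dirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: 8-byte ImageBase/stack/heap fields push these to +108/+112
        n_dirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # MajorSubsystemVersion, Subsystem and DllCharacteristics share offsets in PE32 and PE32+
    major_subsys = struct.unpack_from("<H", data, opt + 48)[0]
    _subsystem, dll_chars = struct.unpack_from("<HH", data, opt + 68)
    cert_size = 0
    if struct.unpack_from("<I", data, n_dirs_off)[0] > DIR_SECURITY:
        # Security directory: first field is a file offset (not an RVA), second the size
        _cert_off, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * DIR_SECURITY)
    sections = []
    for i in range(n_sections):
        name, vsize, _, raw_size, _, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": raw_size,
            "flags": flag_names(sflags, SECTION_FLAGS),
            # virtual > raw is normal for .data (uninitialised globals); for a code
            # section it usually means the real code is only unpacked at run time
            "code_expands_at_runtime": bool(sflags & 0x20) and vsize > raw_size,
        })
    return {
        "machine": {0x14C: "x86", 0x8664: "x64"}.get(machine, hex(machine)),
        "subsystem_version": major_subsys,
        "file_characteristics": flag_names(chars, FILE_FLAGS),
        "authenticode_present": cert_size != 0,  # presence only; says nothing about validity
        "aslr_capable": bool(dll_chars & DLL_DYNAMIC_BASE) and not (chars & 0x0001),
        "sections": sections,
    }


def build_sample_pe(signed=False):
    """Constructed test input (not the report's sample): a 1.5 KB PE32 with .text and .data."""
    dos = bytearray(b"MZ").ljust(64, b"\0")
    struct.pack_into("<I", dos, 0x3C, 64)                           # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x010F)  # same flags as the report
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)                 # SectionAlignment, FileAlignment
    struct.pack_into("<H", opt, 48, 4)                              # MajorSubsystemVersion ("windows:4")
    struct.pack_into("<II", opt, 56, 0x4000, 0x200)                 # SizeOfImage, SizeOfHeaders
    struct.pack_into("<HH", opt, 68, 2, 0)                          # GUI subsystem, no DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes
    cert = b"\0" * 16 if signed else b""                            # stand-in WIN_CERTIFICATE blob
    struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x600 if signed else 0, len(cert))
    hdr = "<8sIIIIIIHHI"
    sects = struct.pack(hdr, b".text", 0x1F0, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    sects += struct.pack(hdr, b".data", 0x2000, 0x2000, 0x200, 0x400, 0, 0, 0, 0, 0xC0000040)
    headers = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sects).ljust(0x200, b"\0")
    return headers + b"\x90" * 0x200 + b"\0" * 0x200 + cert


if __name__ == "__main__":
    for key, value in parse_pe(build_sample_pe()).items():
        print(key, value)
```

To run it against a real file, replace `build_sample_pe()` with the bytes read from disk. The Authenticode check mirrors the report's signature: it only asks whether the certificate table is non-empty, so a present but invalid or revoked signature still counts as "signed" here, and verifying the signature itself needs the Windows WinVerifyTrust API or an offline PKCS#7 verifier.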