Static task
static1
Behavioral task
behavioral1
Sample
2024-01-10_16f24dd3f5695caecd37b0a09fdf858a_icedid.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-10_16f24dd3f5695caecd37b0a09fdf858a_icedid.exe
Resource
win10v2004-20231215-en
General
Target
2024-01-10_16f24dd3f5695caecd37b0a09fdf858a_icedid
Size
2.4MB
MD5
16f24dd3f5695caecd37b0a09fdf858a
SHA1
2a2b784eb6c83cb3daa29979daa3cbca7acb6c97
SHA256
98beab8fcbca04b2b2dc953fde1a69ddaf9a935c60eb160de238646dff7bed90
SHA512
75d0fcb3c99ad06e342cab4baf7fee93b5acf437d663955a90052ac2d7ce9dd7eab3a7bb16f7fd5a46d639eb746956796ea15b8f78a0bbf04ee7a29e4426f46a
SSDEEP
49152:rWJ08fCZ+PcefkdyqbOKZBjEzlp0wmwffPPvIbT8SaOrjQ9ObcyTqlmLRldFgoQ8:rWJRlkefkdyQZSB6wtxrOq22aTOSJ
Malware Config
Signatures
Files
2024-01-10_16f24dd3f5695caecd37b0a09fdf858a_icedid.exe windows:4 windows x86 arch:x86
e03f09afe3b1068d573a77d09b227f0a
Code Sign
04:bf:8c:0d:ba:3a:a3:ed:b2:7b:65:f8:41:3a:6a:e2:b1:9e:e3:78
Signer
Actual PE Digest
04:bf:8c:0d:ba:3a:a3:ed:b2:7b:65:f8:41:3a:6a:e2:b1:9e:e3:78
Digest Algorithm
sha1
PE Digest Matches
false
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
ws2_32
htons
inet_ntoa
WSACleanup
getservbyport
WSAGetLastError
gethostbyname
gethostbyaddr
htonl
WSASetLastError
inet_addr
getservbyname
ntohs
ntohl
WSAEnumProtocolsW
WSAIoctl
WSARecvFrom
setsockopt
recvfrom
select
sendto
WSASocketW
WSACloseEvent
closesocket
WSAResetEvent
WSAGetOverlappedResult
WSACreateEvent
bind
socket
getaddrinfo
WSAStartup
setupapi
SetupDiGetDriverInfoDetailW
SetupDiSetDeviceInstallParamsW
SetupDiGetClassDevsW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
InstallHinfSectionW
SetupDiDestroyDriverInfoList
kernel32
GetSystemDirectoryA
LoadLibraryA
FindFirstFileA
DeleteFileA
FindNextFileA
lstrcmpA
GetFileAttributesA
GetModuleFileNameA
GetDiskFreeSpaceW
HeapSize
SearchPathW
HeapReAlloc
CreatePipe
FileTimeToDosDateTime
GlobalAlloc
GetVersionExA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GetModuleHandleA
MulDiv
GlobalUnlock
GlobalLock
VirtualProtect
InterlockedExchange
CompareStringA
CreateFileA
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
GetCurrentThread
GetThreadLocale
FlushFileBuffers
DuplicateHandle
GetFullPathNameW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
FindResourceExW
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
SetStdHandle
GetFileType
VirtualAlloc
VirtualQuery
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
LoadLibraryExW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetCurrentThreadId
ResumeThread
GetCurrentProcessId
OpenMutexW
CreateMutexW
ReleaseMutex
EnumSystemLanguageGroupsW
EnumLanguageGroupLocalesW
LockFile
SetEndOfFile
UnlockFile
CreateEventW
SetEvent
PulseEvent
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
ExpandEnvironmentStringsW
GlobalMemoryStatus
GetComputerNameW
HeapFree
GetSystemInfo
GetProcessHeap
GetLogicalDrives
HeapAlloc
GetLogicalDriveStringsW
GetDriveTypeW
OutputDebugStringW
GetCommandLineW
ExitProcess
GetSystemDefaultLangID
GetUserDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultUILanguage
CompareFileTime
lstrcmpW
lstrcatW
GetStdHandle
CreateProcessW
WriteFile
SetFileAttributesW
GetVolumePathNameW
TerminateProcess
CreateToolhelp32Snapshot
OpenProcess
GetTickCount
Process32NextW
SetLastError
Process32FirstW
WritePrivateProfileSectionW
FindFirstFileExW
GetShortPathNameW
GetVolumeInformationW
WritePrivateProfileStringW
lstrcpynA
GetLocalTime
GetVersionExW
SetCurrentDirectoryW
lstrcmpiW
GetTempPathW
FormatMessageW
GetCurrentDirectoryW
FileTimeToLocalFileTime
GetCurrentProcess
FileTimeToSystemTime
InterlockedDecrement
GetPrivateProfileSectionW
GetFileTime
LocalFree
GlobalFree
GetFileAttributesW
GetWindowsDirectoryW
GetModuleHandleW
GetModuleFileNameW
WaitForSingleObject
GetExitCodeProcess
GetProcAddress
LockResource
SizeofResource
LoadResource
FindResourceW
MoveFileExW
GetTempFileNameW
lstrcpynW
CreateFileW
ReadFile
CloseHandle
GetFileSize
SetFilePointer
MultiByteToWideChar
GetLastError
FindFirstFileW
DeleteFileW
lstrlenA
WideCharToMultiByte
CopyFileW
FindNextFileW
Sleep
GetPrivateProfileStringW
FindClose
CreateDirectoryW
GetSystemDirectoryW
GetPrivateProfileIntW
lstrlenW
RemoveDirectoryW
lstrcpyW
LoadLibraryW
FreeLibrary
InterlockedCompareExchange
GetLocaleInfoW
user32
UjreeisterClassW
Ge4SysColorBrush
DestroyMenu
CharUpperW
SetWindowContextHelpId
PostQuitMesqage
GetMessageW
GetCursorPos
ValidateRect
GatDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetActiveWindow
MapDialogRect
GetAsyncKeyState
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ReleaseDC
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
AsRectEmpty
GetMessageTime
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
DestroyIcon
CopyIcon
TranslateMessage
MsgWaitForMultipleObjects
DispatchMessageW
DrawIcon
IsIconic
AppendMenuW
GetSystemMenu
GetSystemMetrics
CharNextW
ExitWindowsEx
FindWindowW
SetTimer
KillTimer
GetClassInfoW
LoadIconW
GetCursor
LoadCursorW
MessageBoxW
LoadStringW
PeekMessageW
wsprintfW
InvalidateRect
GetDC
GetSysColor
PostMessageW
FillRect
GetClientRect
DrawStateW
DrawFocusRect
RedrawWindow
GetParent
DestroyCursor
SetCursor
FrameRect
GetWindowRect
UpdateWindow
SendMessageW
EnableWindow
PoqtThreadLessageW
RegisterClipboardFormatW
CopyAcceleratorTableW
ReleaseCapture
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetMessagePos
SetRect
SetCaptur%
UnhookWindowsHookEx
UnregisterClassA
DefWindowProcW
gdi32
CreateSolidBrush
GetMapMode
GetTextColor
GetRgnBox
EnumFontFamiliesExW
TextOutW
RectVisible
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
PtVisible
GetWindowExtEx
GetViewportExtEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetextColor
GetClipBox
GetDeviceCaps
GetTehtExtentPoin32W
Escape
GetObjectW
CreAteFontInd)rectW
GetBkColor
DeleteObject
ExtTextOutW
comdlg32
GetFileTitleW
winspool.drv
ord203
ClosePri.ter
DocumentPropertiesW
OpenPrinterW
advapi32
RegQueryValueW
RegEnumKeyW
LookupAccountNameW
GetSidIdentifierAuthority
GetSidSubAuthorityCount
RegOpenKeyW
QueryServiceConfigW
StartServiceW
ControlService
DeleteService
IsValidSid
GetSecurityDescriptorControl
MakeAbsoluteSD
GetSecurityDescriptorLength
GetSecurityDescriptorSacl
AddAce
CopySid
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
InitializeSid
GetSecurityDescriptorOwner
GetAclInformation
GetLengthSid
GetSidLengthRequired
SetSecurityDescriptorDacl
GetSidSubAuthority
InitializeAcl
MakeSelfRelativeSD
InitializeSecurityDescriptor
RegFlushKey
RegEnumValueW
OpenP2ocessToken
AdjustTojenPrivileges
LookupPrivilegeValueW
GetUserNameW
EnumServicesStatusW
CloseEventLog
OpenEventLogW
BackupEventLogW
OpenServiceW
Que2yServicdStatus
OpenSCManagerG
CloseSeRviceHandle
RegEnumKeiExW
RegQueryInfoKeyW
RegDeleteValudW
ReGSetValueExW
RegDeleteKeyS
RegQueryValueExW
ReGOpenKeyExW
RegClo3eKey
RegCreateKeyExG
shell32
SHCreateDirectoryExW
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderPathW
SHGetFileInfoW
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
oledlg
OleUIBusyW
ole32
OleRun
CLSIDFromString
CoUninitialize
CoInitialize
CoCreateInstance
CoSetProxyBlanket
StringFromGUID2
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
oleaut32
SystemTimeToVariantTime
SysAllocStringLen
SafeArrayGetElement
VariantInit
SysFreeString
SafeArrayCreate
SafeArrayPutElement
VariantClear
SysAllocString
VariantTimeToSystemTime
VarUdateFromDate
VariantChangeType
SysStringLen
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 544KB - Virtual size: 543KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 376KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ