2024-01-10_219fe4ee69135924fc781d4629931df8_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_219fe4ee69135924fc781d4629931df8_icedid
Size

340KB
MD5

219fe4ee69135924fc781d4629931df8
SHA1

ae11758b7b392b4e42d7d831116730906336690a
SHA256

7990352d6afc12ae5f6942df75d4440a526908b968cebea5796fa29c85b5c38b
SHA512

e7248a437b91a49ccb5b7beb82b5fe04ae2b8ae9889dfc6b3337f82541e8416b9b961ec03d44440b0cb0d48a7d4d608af20dde5b861861b95f5c4ee068e51b58
SSDEEP

6144:uzaMC5kp7pgHuCPDRaXUKGf1SKVONVrLB2y7scUijCfDCf9uhmXv/:uZCeGrLWUKGvWkA5u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-10_219fe4ee69135924fc781d4629931df8_icedid

Files

2024-01-10_219fe4ee69135924fc781d4629931df8_icedid
.exe windows:4 windows x86 arch:x86

5f72b20a05b5f4a3f75f6b7db573e387

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
ExitProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
TerminateProcess
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
SetErrorMode
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
GetOEMCP
GetCPInfo
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
InterlockedDecrement
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
WinExec
Beep
GetLocalTime
CompareStringW
CompareStringA
FlushFileBuffers
GetCommState
SetCommState
SetupComm
GetTickCount
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WriteFile
ReadFile
WideCharToMultiByte
MultiByteToWideChar
ClearCommError
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCommModemStatus
PurgeComm
CreateFileA
HeapCreate
CloseHandle

user32

SetParent
GetMessageA
ValidateRect
ShowOwnedPopups
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetCursorPos
WindowFromPoint
ClientToScreen
SetRect
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
SetCursor
ReleaseCapture
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsChild
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
TrackPopupMenu
GetKeyState
SetForegroundWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
wsprintfA
MapWindowPoints
MessageBoxA
CharUpperA
PostMessageA
SendMessageA
LoadIconA
EnableWindow
InflateRect
GetClientRect
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindow
SetFocus
UnhookWindowsHookEx
GetMenuState
SetCapture
LockWindowUpdate
GetDCEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetMenuItemInfoA
IsWindowVisible
GetSysColorBrush
TranslateAcceleratorA
FillRect
ScreenToClient
InvalidateRect
SetTimer
KillTimer
GetScrollPos
SetScrollPos
SetScrollRange
LoadAcceleratorsA
LoadCursorA
TranslateMessage
DispatchMessageA
PeekMessageA
GetFocus
GetWindowRect
UpdateWindow
GetSystemMetrics
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog

gdi32

CreatePatternBrush
GetStockObject
CreatePen
DPtoLP
StartPage
SetAbortProc
AbortDoc
EndDoc
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
CreateRectRgn
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
StartDocA
GetPixel
BitBlt
EndPage
CreateSolidBrush
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDCA
GetDeviceCaps
GetTextExtentPoint32A
GetTextMetricsA
TextOutA
SelectObject
CreateFontA

comdlg32

PrintDlgA
CommDlgExtendedError
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f72b20a05b5f4a3f75f6b7db573e387

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 248KB - Virtual size: 244KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 248KB - Virtual size: 244KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 20KB - Virtual size: 17KB