2024-01-10_47b85e1e6d8e3d980b260886e3224c86_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_47b85e1e6d8e3d980b260886e3224c86_icedid
Size

2.1MB
MD5

47b85e1e6d8e3d980b260886e3224c86
SHA1

9c3fcd366c84bc791bb77ce02cf8fb4dd208fbc1
SHA256

fe5b02525143c814f96866b7727d594df6ee46b9f9e059208ac2fe2ae4621902
SHA512

fcb2ac5858c1cd8bdba6e43de4fdc5505ed51cbbb68047074fac62df25d81e2e8f68845094ec5a7f1c86b16b5aa5a3050113d74ccffd6a1a93bd8ce275ad845f
SSDEEP

24576:cJua00na95pVET1dgY9QhKqBTcZ2fZDsBbCh6bvvCTfI0J:+uak5DET1dT9QpLDmbTf0J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-10_47b85e1e6d8e3d980b260886e3224c86_icedid

Files

2024-01-10_47b85e1e6d8e3d980b260886e3224c86_icedid
.exe windows:4 windows x86 arch:x86

13469175826188234f1a5dd52db8c648

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hid

HidD_GetIndexedString
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_SetNumInputBuffers
HidD_GetHidGuid
HidD_GetAttributes
HidD_GetSerialNumberString

setupapi

CM_Get_Device_ID_ExA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
CM_Get_Device_IDA
CM_Get_Parent
CM_Disconnect_Machine
CM_Get_Child_Ex
CM_Locate_DevNode_ExA
CM_Connect_MachineA
CM_Get_DevNode_Registry_Property_ExA
CM_Get_Sibling_Ex

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

GlobalUnlock
GetSystemInfo
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime
HeapReAlloc
RaiseException
RtlUnwind
ExitProcess
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WritePrivateProfileStringW
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
ReleaseMutex
CreateMutexW
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
CreateEventW
SuspendThread
SetThreadPriority
FormatMessageW
LocalFree
InterlockedDecrement
MulDiv
GetModuleHandleA
lstrlenW
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
CompareStringW
SetLastError
lstrcmpW
GetVersionExA
ExitThread
CreateThread
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetVersion
OutputDebugStringW
Sleep
SizeofResource
LockResource
LoadResource
FindResourceW
WaitForSingleObject
WideCharToMultiByte
MultiByteToWideChar
GlobalAlloc
GlobalLock
VirtualQuery
GetModuleFileNameW
FindFirstFileW
FindClose
GetDriveTypeW
CreateDirectoryW
GetLastError
SetFileAttributesW
DeleteFileW
CopyFileW
GetModuleHandleW
CloseHandle
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
OpenFileMappingW
GetProcAddress
ResumeThread
SetEvent
GetLogicalDrives
GetCurrentProcess
FreeLibrary
LoadLibraryA
GetDriveTypeA
GlobalFree
CreateFileA
DeviceIoControl
GetSystemDefaultLangID
GetComputerNameA
lstrlenA
lstrcpyA
ReadFile
WriteFile

user32

GetWindowPlacement
GetWindowRect
GetWindow
SystemParametersInfoA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
CharNextW
PostThreadMessageW
CharUpperW
UnregisterClassW
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
SetCursor
PostQuitMessage
GetMessageW
ValidateRect
GetCursorPos
WindowFromPoint
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
wsprintfA
KillTimer
SetTimer
SetWindowLongW
GetWindowLongW
LoadCursorW
ReleaseDC
GetDC
LoadImageW
GetLastActivePopup
GetActiveWindow
LoadIconW
DrawIcon
GetSystemMetrics
SetForegroundWindow
SendMessageTimeoutW
LoadStringW
GetWindowTextW
ShowWindow
IsIconic
PostMessageW
SetRect
wsprintfW
RedrawWindow
GetSysColor
LoadBitmapW
SendMessageW
UpdateWindow
InvalidateRect
ReleaseCapture
SetCapture
GetCapture
SetWindowRgn
EnumWindows
EnableWindow
GetClassNameW
GetClientRect
PeekMessageW
TranslateMessage
DispatchMessageW
GetMenuState
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
GetWindowThreadProcessId
GetDesktopWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
IsWindowVisible
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
OffsetRect
IntersectRect
PtInRect
UnregisterClassA

gdi32

CreatePalette
GetDIBColorTable
CreateFontIndirectW
DeleteObject
GetObjectW
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CreateRectRgnIndirect
GetDeviceCaps
SelectPalette
GetStockObject
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateHalftonePalette
GetWindowExtEx
GetViewportExtEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
RealizePalette
CreateRoundRectRgn

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
ShellExecuteW
SHChangeNotify
SHGetSpecialFolderPathW

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
StgOpenStorageOnILockBytes
CoTaskMemFree
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemAlloc
CoRegisterMessageFilter

oleaut32

VariantInit
OleCreateFontIndirect
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantCopy
SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
OleLoadPicture

Sections

.text
Size: 652KB - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 8.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13469175826188234f1a5dd52db8c648

Headers

File Characteristics

Imports

hid

setupapi

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 652KB - Virtual size: 648KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 16KB - Virtual size: 8.1MB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 652KB - Virtual size: 648KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 16KB - Virtual size: 8.1MB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB