2024-01-10_3ff8de78cde58e3cd6a2ea5fd9c89ccc_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_3ff8de78cde58e3cd6a2ea5fd9c89ccc_icedid
Size

288KB
MD5

3ff8de78cde58e3cd6a2ea5fd9c89ccc
SHA1

5846b7a671e15db2999bb02307eb6bd8ea222134
SHA256

f2913febd5fa8561752cf3cbf951b3912038b356b55c4e8bf89d62b045524d33
SHA512

86052c72bbdc14185b3d529e975dd6fde7e58746100766c897d7d7cd5e503aedea4127a26f75badeb89a3243d96fbd685925481eded6bb3fad45c46bb54f0f2c
SSDEEP

6144:ptelU25WxbQGF7fsoO6QABqqDL6SHakb/d:ptelUO2Qe7Uo8qn6SNd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-10_3ff8de78cde58e3cd6a2ea5fd9c89ccc_icedid

Files

2024-01-10_3ff8de78cde58e3cd6a2ea5fd9c89ccc_icedid
.exe windows:4 windows x86 arch:x86

36e3f74f19d073046906f296e6e482ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
TerminateProcess
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
SetErrorMode
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetFileTime
GetFileSize
GetFileAttributesA
CreateFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
FreeResource
GlobalAddAtomA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetLastError
GlobalFree
MulDiv
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
GetTickCount
GetModuleFileNameA
Sleep
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
FindFirstFileA
FindClose
CreateProcessA
CloseHandle
WaitForSingleObject
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualFree
InterlockedExchange

user32

DestroyMenu
GetSysColorBrush
wsprintfA
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SetForegroundWindow
UpdateWindow
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
PtInRect
CopyRect
MapWindowPoints
DrawIcon
SendMessageA
IsIconic
GetWindowRect
GetClientRect
ClientToScreen
GetCapture
EnableWindow
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
UnregisterClassA
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
LoadIconA
GetSystemMetrics
LoadCursorA
SetCursor
LoadImageA
CharUpperA
PostMessageA
PostQuitMessage
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA

gdi32

GetStockObject
CreateBitmap
DeleteDC
ExtTextOutA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateSolidBrush
TextOutA
RectVisible
PtVisible
GetObjectA
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
Escape

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString
VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36e3f74f19d073046906f296e6e482ce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 56KB - Virtual size: 54KB