2024-01-10_7a2b3ae4508d0ea3d83013e7e932ea25_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-10_7a2b3ae4508d0ea3d83013e7e932ea25_icedid
Size

404KB
MD5

7a2b3ae4508d0ea3d83013e7e932ea25
SHA1

6c50398a0f8f4f5a901e825b8c19a263bfb3647c
SHA256

5b1b61faec344e2db45eea5b2538d2dfc78c8ad3f0b8ea8666e17e36f07d9d3b
SHA512

a98ef30ca3a559e91f898b7c38fac6778f25657118cc1416d6a8c79678c909569da02a2efed384d31014ee6f9d4a25b5d32e4d1c3bc3c579b87ab14e4993daaa
SSDEEP

12288:9vqq0qQPeoNaQhCjcFhkYKiCIz1Q9k3UJ:NqMowQh0cnkCw9kI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-10_7a2b3ae4508d0ea3d83013e7e932ea25_icedid

Files

2024-01-10_7a2b3ae4508d0ea3d83013e7e932ea25_icedid
.exe windows:4 windows x86 arch:x86

2656cac935124c7354f081b4a93e2043

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

as_deliver

AS_DELIVER_Ini
AS_DELIVER_CardNum_Send
AS_DELIVER_Command_Stop
AS_DELIVER_Command_Send
AS_DELIVER_CardNum_Stop
AS_DELIVER_Command_Start
AS_DELIVER_CardNum_Start

rpcrt4

UuidToStringA
UuidFromStringA
RpcStringFreeA

kernel32

RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
SetEvent
ResetEvent
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
CloseHandle
GetOverlappedResult
WaitForSingleObject
GetLastError
WriteFile
ClearCommError
PurgeComm
CancelIo
WaitForMultipleObjects
ReadFile
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
ExitThread
GetExitCodeThread
OutputDebugStringA
SetCommMask
SetupComm
SetCommState
GetCommState
CreateEventA
SetCommTimeouts
CreateFileA
CreateThread
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetModuleFileNameA
WinExec
ReleaseMutex
CreateMutexA
WaitForMultipleObjectsEx
MultiByteToWideChar
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
GetStringTypeExA
LocalFree
lstrcpynA
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
GlobalFree
SetLastError
FreeResource
lstrcmpA
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetModuleHandleA
GlobalDeleteAtom
GetCurrentThreadId
GetCurrentThread
GlobalAddAtomA
lstrcmpW
lstrcatA
GlobalFindAtomA
GlobalGetAtomNameA
GetFileAttributesA
SetFileTime
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
LocalAlloc
InterlockedDecrement
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FileTimeToSystemTime
SystemTimeToFileTime
GlobalFlags
GetCurrentDirectoryA
MoveFileA
DeleteFileA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetErrorMode
GetTickCount

user32

CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
InvalidateRgn
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowRect
CopyRect
PtInRect
GetWindow
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
GetLastActivePopup
ShowOwnedPopups
SetCursor
PostQuitMessage
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
ReuseDDElParam
CopyAcceleratorTableA
CharNextA
DestroyIcon
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
CharUpperA
GetCursorPos
LoadIconA
SendMessageA
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
WindowFromPoint
PostThreadMessageA
CreateMenu
LoadMenuA
GetSubMenu
RegisterHotKey
KillTimer
SetTimer
EnableWindow
PostMessageA
IsWindow
MessageBoxA
wsprintfA
SetWindowRgn
DrawIcon
FindWindowA
GetNextDlgGroupItem
GetWindowPlacement
SetCapture
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
IsZoomed
GetMenuItemInfoA
InflateRect
FillRect
LoadCursorA
DestroyCursor
GetDC
ReleaseDC
GetTabbedTextExtentA
SetRect
MessageBeep
IsClipboardFormatAvailable
SetWindowContextHelpId
MapDialogRect
DestroyMenu
UnpackDDElParam
InsertMenuItemA
ReleaseCapture
LoadAcceleratorsA
SetWindowLongA
InvalidateRect

gdi32

CreateDCA
GetWindowOrgEx
GetTextFaceA
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
Ellipse
LPtoDP
CreateEllipticRgn
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateSolidBrush
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateFontA
DeleteObject
StretchDIBits
SelectObject
GetTextExtentPoint32A
ExtTextOutA
BitBlt
DeleteDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
PatBlt
Rectangle
GetViewportOrgEx
CreatePen
GetStockObject
CreateFontIndirectA
GetCharWidthA
GetTextMetricsA
DPtoLP
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps

comdlg32

GetSaveFileNameA
FindTextA
ReplaceTextA
GetOpenFileNameA
PrintDlgA
CommDlgExtendedError
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA

advapi32

RegCloseKey
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA

shell32

DragQueryFileA
DragFinish
Shell_NotifyIconA
SHGetFileInfoA
ExtractIconA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysStringLen

gvcomport

_CheckGeoComPort@12
_RegGeoComPort@12

Sections

.text
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2656cac935124c7354f081b4a93e2043

Headers

File Characteristics

Imports

as_deliver

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gvcomport

Sections

.text Size: 292KB - Virtual size: 289KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 292KB - Virtual size: 289KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 20KB - Virtual size: 16KB