2024-01-10_9de92b7f40097731ce3456c57fbd5536_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_9de92b7f40097731ce3456c57fbd5536_icedid
Size

2.0MB
MD5

9de92b7f40097731ce3456c57fbd5536
SHA1

085c44018daa1b62262d4070af2620950f078b09
SHA256

2989a20c9925941bf69939ccc884056bab875bc751fca35b3f2722f0bd439581
SHA512

e2087c7e45c0a4d2c633da1c86120e3fc1cf05fd98587614bd0072c38ae36b70dd5c84fe63cb352d846a4e0a1cf531d14be3803b2cd2c0ab56bb5a92fe11cc4e
SSDEEP

24576:NgQP2lRzqhAARVq36PIv69uDD4VxntazVCi32tJ0bfq8:NgJWpLVxtHNix

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-10_9de92b7f40097731ce3456c57fbd5536_icedid

Files

2024-01-10_9de92b7f40097731ce3456c57fbd5536_icedid
.exe windows:4 windows x86 arch:x86

c340802f55f60f7017912844f1d44de7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
SetEnvironmentVariableA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetDriveTypeA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryW
GetACP
VirtualFree
HeapCreate
HeapDestroy
HeapReAlloc
FatalAppExitA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
ExitThread
CreateThread
ExitProcess
RaiseException
RtlUnwind
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
GetDateFormatA
GetTimeFormatA
VirtualQuery
GetSystemInfo
VirtualAlloc
IsBadReadPtr
HeapValidate
SetFileAttributesA
LocalFileTimeToFileTime
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
FindResourceExA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GetProfileIntA
VirtualProtect
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetModuleFileNameW
GetAtomNameA
SystemTimeToFileTime
FileTimeToSystemTime
GetTickCount
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcessId
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
FindNextFileA
FindFirstFileA
FindClose
GetThreadLocale
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
LoadLibraryA
FreeResource
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetVersionExA
InterlockedIncrement
InterlockedDecrement
MulDiv
CopyFileA
GlobalSize
FormatMessageA
LocalFree
SetLastError
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
LockResource
SizeofResource
GetCommandLineA
LoadResource
FindResourceA
GetVersion
CompareStringA
lstrcmpiA
GetLastError
InterlockedExchange
GetStringTypeExA
lstrlenW
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
lstrlenA
OpenEventA

user32

LoadAcceleratorsA
CopyAcceleratorTableA
DestroyMenu
UnpackDDElParam
GetClipboardFormatNameA
ReleaseCapture
SetRectEmpty
GetAsyncKeyState
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
ModifyMenuA
InsertMenuItemA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
RegisterClipboardFormatA
EndDialog
CreateDialogIndirectParamA
GetCursorPos
GetMessageA
TranslateMessage
GetWindowThreadProcessId
SetCursor
PostQuitMessage
CharNextA
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
GetActiveWindow
KillTimer
WaitMessage
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
DragDetect
EnableWindow
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
CharUpperA
MessageBoxA
GetSystemMetrics
MsgWaitForMultipleObjects
IsWindowUnicode
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetParent
GetWindow
GetCapture
ReuseDDElParam
DestroyIcon
MessageBeep
GetDialogBaseUnits
UnregisterClassA
GetKeyNameTextA
WinHelpA
TrackPopupMenuEx
MapVirtualKeyA
InSendMessage
IsClipboardFormatAvailable
IsRectEmpty
SetTimer
GetMessageW
DispatchMessageW
SubtractRect
UnionRect
InflateRect
SetRect
PtInRect
GetMenuItemID
InsertMenuA
AppendMenuA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemCount
IsMenu
RemoveMenu
GetFocus
SetMenuItemBitmaps
LoadBitmapA
GetMenuCheckMarkDimensions
MapDialogRect
IsWindow
SendMessageA
PostMessageA
TabbedTextOutA
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindowLongA
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetDlgCtrlID
DestroyWindow
GetKeyState
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
TrackPopupMenu
TranslateAcceleratorA

gdi32

CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
UnrealizeObject
CreatePenIndirect
CreateBrushIndirect
CreateFontIndirectA
CreateFontA
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateICA
CreateCompatibleDC
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
Arc
Polyline
Chord
ExtCreatePen
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
StretchDIBits
EnumFontFamiliesExA
DeleteMetaFile
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
DeleteObject
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetTextCharacterExtra
SetArcDirection
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ArcTo
GetCurrentPositionEx
Ellipse
ExcludeClipRect
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
IntersectClipRect
SetMapperFlags

comdlg32

GetFileTitleA

winspool.drv

GetJobA
OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

SetThreadToken
RevertToSelf
OpenThreadToken
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles

comctl32

InitCommonControlsEx

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathIsUNCA
PathFindExtensionA
PathStripToRootA

oledlg

ord3
ord7
ord6
ord5
ord9
ord4
ord8

ole32

WriteClassStm
OleSaveToStream
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleGetClipboard
OleSetMenuDescriptor
DoDragDrop
OleRegEnumVerbs
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
OleTranslateAccelerator
IsAccelerator
GetRunningObjectTable
CoLockObjectExternal
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
OleLockRunning
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoGetMalloc
CreateStreamOnHGlobal
GetClassFile
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
StgIsStorageILockBytes
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleRun
CLSIDFromString
CoDisconnectObject
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CLSIDFromProgID
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
OleFlushClipboard
GetHGlobalFromILockBytes
OleSave
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleSetClipboard
OleCreateStaticFromData

oleaut32

SystemTimeToVariantTime
SysFreeString
VariantClear
SafeArrayDestroy
VarUdateFromDate
SysAllocString
GetErrorInfo
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetDim
SafeArrayGetElemsize
VariantChangeType
VariantInit
OleCreateFontIndirect
VarDateFromStr
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
LoadTypeLi
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarDateFromUdate
SysAllocStringLen

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 752KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c340802f55f60f7017912844f1d44de7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 752KB - Virtual size: 748KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 52KB - Virtual size: 49KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 752KB - Virtual size: 748KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 52KB - Virtual size: 49KB