2024-01-10_b75e8c962eeeb187416be8f02031d62b_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_b75e8c962eeeb187416be8f02031d62b_icedid
Size

372KB
MD5

b75e8c962eeeb187416be8f02031d62b
SHA1

2c91a73f0de8f12d1f3fe67887a50c1a3e93142d
SHA256

047c5d3c13e9ec4282508ed6508651751771b38d33784bd839e71b65648f67de
SHA512

23e3ea6f4c63bb2a9de43d97816fae682dc39f476ace9aa9ef746fec8143f2ced1cbd29549d493e54c7162d39164574a97b23327d6acdc5a1806e4d606e591ea
SSDEEP

6144:682+tXtqNelbnsDuUt4E1Fq6cfqIJr2krivPqgx:682Eqk1nsKPE1M6chO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-10_b75e8c962eeeb187416be8f02031d62b_icedid

Files

2024-01-10_b75e8c962eeeb187416be8f02031d62b_icedid
.exe windows:4 windows x86 arch:x86

19a6f29d2da5a9a0489c9ed920587023

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHDeleteKeyW
PathFindExtensionW

aclui

ord1

kernel32

GetStartupInfoW
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
ExitThread
CreateThread
ExitProcess
TerminateProcess
HeapAlloc
HeapReAlloc
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetErrorMode
ReleaseMutex
CreateMutexW
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
InterlockedIncrement
lstrcmpiW
WritePrivateProfileStringW
FileTimeToSystemTime
GlobalFindAtomW
lstrlenA
GetModuleHandleA
GetVersionExA
InterlockedDecrement
GetTickCount
FreeResource
WaitForSingleObject
ResumeThread
CloseHandle
GlobalAddAtomW
GetLastError
SetLastError
GlobalFree
MulDiv
GlobalUnlock
lstrcpynW
GetCurrentThread
GetCurrentThreadId
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetModuleHandleW
ConvertDefaultLocale
EnumResourceLanguagesW
LoadLibraryW
GetLocaleInfoW
LoadLibraryA
GetProcAddress
GetTimeZoneInformation
DeleteFileW
CreateDirectoryW
lstrlenW
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
FindFirstFileW
FindNextFileW
CopyFileW
GetComputerNameExW
GetComputerNameW
lstrcpyW
LoadLibraryExW
FormatMessageW
LocalFree
FreeLibrary
lstrcatW
Sleep
GetVersion
MultiByteToWideChar
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCommandLineW

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
PostThreadMessageW
CharUpperW
GetSysColorBrush
ReleaseCapture
LoadCursorW
SetCapture
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
PtInRect
UnhookWindowsHookEx
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
RegisterClipboardFormatW
CopyRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
MessageBoxW
GetDC
ReleaseDC
GetWindowRect
IsWindow
GetSystemMetrics
LoadIconW
EnableWindow
InvalidateRect
GetClientRect
IsIconic
GetSystemMenu
PostMessageW
SendMessageW
AppendMenuW
CreatePopupMenu
DrawIcon
wsprintfW
UnregisterClassW

gdi32

SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
DeleteObject
GetStockObject
DeleteDC
ExtSelectClipRgn
GetObjectW
Escape
CreateFontIndirectW
SetMapMode
RestoreDC
SaveDC
ExtTextOutW
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
SelectObject
GetTextMetricsW
ScaleWindowExtEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExA
RegOpenKeyExA
GetUserNameW
RegQueryValueW
RegDeleteKeyW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc

comctl32

PropertySheetW
ImageList_Destroy
ord17

oledlg

OleUIBusyW

ole32

CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CLSIDFromString
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
CoGetClassObject
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter

oleaut32

SystemTimeToVariantTime
SysFreeString
SysStringLen
OleCreateFontIndirect
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
VariantCopy

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19a6f29d2da5a9a0489c9ed920587023

Headers

File Characteristics

Imports

shlwapi

aclui

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 256KB - Virtual size: 255KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 256KB - Virtual size: 255KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 24KB - Virtual size: 22KB