Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-11_09d73e6eeb17ddfcd3dc5f48da102160_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-11_09d73e6eeb17ddfcd3dc5f48da102160_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-01-11_09d73e6eeb17ddfcd3dc5f48da102160_icedid
Size: 1.7MB
MD5: 09d73e6eeb17ddfcd3dc5f48da102160
SHA1: c902db5a6bf03d3df8ae85a6d33dc4a38f262d3e
SHA256: a118e053889e86a084fdc5597be53f7811dfd1330f4461908f55cd17c75ed010
SHA512: e038e0d5488856415b2641f96a6058ec108f259bf041513d303d83eea02f2e732e629bbb0ba48f4c00e63988156a998912039c6ad634396cd2355c1eb2fd2ed1
SSDEEP: 24576:2tqUwXHRFxHv4NTlUN0J8brOVqaWZrXYWX4+33IQtOkl:7TxHvCUCySVq3zrIAOY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 2024-01-11_09d73e6eeb17ddfcd3dc5f48da102160_icedid
Files
2024-01-11_09d73e6eeb17ddfcd3dc5f48da102160_icedid.exe windows:4 windows x86 arch:x86
35624d4d929ae3917c700751133bd59c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeGetTime
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
kernel32
SetErrorMode
HeapAlloc
GetStartupInfoW
RaiseException
RtlUnwind
HeapReAlloc
ExitProcess
HeapSize
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetEndOfFile
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
LCMapStringA
LCMapStringW
SetStdHandle
GetConsoleOutputCP
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
WritePrivateProfileStringW
GetThreadLocale
lstrlenA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GlobalFlags
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
FormatMessageW
GetVersionExW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GlobalLock
GlobalUnlock
MulDiv
lstrcmpiA
GetSystemDirectoryA
GetModuleHandleA
FindResourceA
GetWindowsDirectoryA
RemoveDirectoryA
GetComputerNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetModuleFileNameA
CreateDirectoryA
DeleteFileA
GetTempPathA
GetCurrentProcessId
CreateEventA
GetOverlappedResult
ReadFile
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
LocalAlloc
CreateFileA
DeviceIoControl
LocalFree
GetSystemInfo
GetProcessAffinityMask
GetCurrentThread
GetCurrentProcess
SetFilePointer
GetVersionExA
LoadLibraryA
CreateMutexA
SetLastError
ReleaseMutex
WriteConsoleA
GetProcessHeap
HeapFree
GetTempPathW
GlobalMemoryStatus
WinExec
lstrlenW
lstrcatW
lstrcpyW
FreeLibrary
GetLastError
LoadLibraryW
WriteFile
CreateFileW
WriteConsoleW
ExitThread
Sleep
SetThreadPriority
CreateThread
GetStdHandle
GetProcAddress
InterlockedDecrement
MultiByteToWideChar
CloseHandle
WaitForSingleObject
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleW
GlobalSize
GlobalReAlloc
GlobalAlloc
GlobalFree
SetCurrentDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
GetComputerNameW
GetCurrentDirectoryW
SetHandleCount
user32
UnregisterClassW
LoadCursorW
GetSysColorBrush
DestroyMenu
PostQuitMessage
GetWindowThreadProcessId
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetMenuState
EnableMenuItem
CheckMenuItem
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ShowWindow
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
IsWindowEnabled
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
UnregisterClassA
SetPropW
GetPropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetParent
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
wsprintfA
ClientToScreen
ModifyMenuW
AppendMenuW
CreatePopupMenu
RemovePropW
CreateCursor
SetWindowLongW
SetCursor
DestroyCursor
UpdateWindow
InvalidateRect
OffsetRect
GetSysColor
DrawIcon
GetSystemMetrics
IsIconic
SetTimer
KillTimer
LoadImageW
DestroyIcon
MessageBoxW
wsprintfW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ReleaseDC
GetClientRect
GetDC
GetWindowDC
GetWindowRect
SendMessageW
LoadBitmapW
RegisterWindowMessageW
EnableWindow
GetMessageTime
GetClassNameW
gdi32
DeleteObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetObjectW
GetStockObject
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
CreateCompatibleDC
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateSolidBrush
GetTextExtentPoint32W
CreateFontIndirectW
GetPixel
CreateBitmap
CreateFontW
GetDIBits
BitBlt
CreateCompatibleBitmap
RealizePalette
SelectPalette
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyW
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
FreeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
RegOpenKeyExA
RegQueryValueExA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle
OpenProcessToken
RegCloseKey
RegQueryValueW
RegOpenKeyExW
shell32
ShellExecuteW
shlwapi
PathFindFileNameW
PathFindExtensionW
ole32
CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoInitializeSecurity
oleaut32
VariantInit
SafeArrayGetVartype
SafeArrayGetElemsize
SafeArrayGetElement
SysStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
VariantClear
Sections
.text   Size: 832KB - Virtual size: 828KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 184KB - Virtual size: 182KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 84KB - Virtual size: 101KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 640KB - Virtual size: 637KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ