2024-01-11_4c4c3d1386cca72780555de75cfd46cd_icedid

General

Target

2024-01-11_4c4c3d1386cca72780555de75cfd46cd_icedid
Size

21.7MB
MD5

4c4c3d1386cca72780555de75cfd46cd
SHA1

f6d07ff63b1ae815155be6fd7c9a3eed65332e28
SHA256

8c26c9e8aafac2d5aee2b82d92479cb2fedbe54a4ee941ecdebb6ecae222e459
SHA512

88ed4221cad6e792a2e11d2a692620b2fdb5b0cee80da5afa7c593806693cd6393acb44b633c8884f8f187d15830efeb1afb6ec8e169e0c6e9a9a7b19bae384a
SSDEEP

393216:Eh35h8eCsbwW494Yp1LP9kpCTawfcV77G82tyzH1b/9hgRnm/ayIK:Iph4nuYPLFkpCTawkV77KtyzHupmC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-11_4c4c3d1386cca72780555de75cfd46cd_icedid

Files

2024-01-11_4c4c3d1386cca72780555de75cfd46cd_icedid
.exe windows:4 windows x86 arch:x86

bfae980b375faf8abbe1aaa935a1b98e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
GlobalFree
GetCommandLineW
GetLastError
LockResource
LoadResource
SizeofResource
FindResourceW
GetTempPathW
WriteFile
SetFilePointer
CloseHandle
CreateFileW
DeleteFileW
SetLastError
SetThreadLocale
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
SetEndOfFile
GetLocaleInfoA
VirtualQuery
GetSystemInfo
VirtualProtect
GetCPInfo
GetOEMCP
GetACP
RaiseException
RtlUnwind
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
TerminateProcess
GetCurrentProcess
GetFileAttributesW
HeapReAlloc
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableW

user32

LoadStringW
wsprintfW
MessageBoxW

shell32

CommandLineToArgvW

msi

ord190
ord113
ord78
ord150
ord8
ord70

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21.6MB - Virtual size: 21.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfae980b375faf8abbe1aaa935a1b98e

Headers

File Characteristics

Imports

kernel32

user32

shell32

msi

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 21.6MB - Virtual size: 21.6MB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 21.6MB - Virtual size: 21.6MB