2024-01-11_57b24186b29d0a265132ef7a88420ea9_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-11_57b24186b29d0a265132ef7a88420ea9_icedid
Size

1.2MB
MD5

57b24186b29d0a265132ef7a88420ea9
SHA1

7c9abfd8222faf943e2f47bd13c9e912a5675ac8
SHA256

b854ec72d7e3a5053ab6aed9065651ee3c1b84e87a4214725f57d0aaa482f524
SHA512

c4bdd1675dbfea6080c653845876a98eb47fc3c163c18f6943123110aa1ee3b1e645a66c737215fed41f3b25eb965744dac3ae6861c57184d755ea70347b3bd1
SSDEEP

24576:Q50rlHf+9atYRHnwcsNYjrybWcWvtykSuOMVI:Q50rlH2zlhrybWcOtykSuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-11_57b24186b29d0a265132ef7a88420ea9_icedid

Files

2024-01-11_57b24186b29d0a265132ef7a88420ea9_icedid
.exe windows:4 windows x86 arch:x86

19358dff95d55c2546bf07534435b56b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

bmaframe

CreateBMAFramework
CreateXmlConfigParse

kernel32

GetCommandLineW
SetHandleCount
GetStdHandle
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
GetEnvironmentStrings
GetCommandLineA
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadCodePtr
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
CompareStringA
CompareStringW
SetEnvironmentVariableW
GetDriveTypeA
GetACP
GetOEMCP
SetEnvironmentVariableA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeA
HeapReAlloc
GlobalReAlloc
UnhandledExceptionFilter
HeapSize
SetStdHandle
TerminateProcess
GetFileType
GetLocalTime
RaiseException
HeapAlloc
GetSystemTime
GetTimeZoneInformation
ExitProcess
HeapFree
RtlUnwind
GetStartupInfoW
SetErrorMode
GetCurrentDirectoryW
FindResourceExW
GetProcessVersion
SystemTimeToFileTime
LocalFileTimeToFileTime
TlsSetValue
TlsGetValue
LocalReAlloc
GetStringTypeW
TlsFree
EnterCriticalSection
LeaveCriticalSection
Sleep
MultiByteToWideChar
CreateThread
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileSectionW
FindFirstFileW
FindClose
GetFileAttributesW
SetFileAttributesW
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteFileW
RemoveDirectoryW
GetTickCount
GetTempPathW
CreateDirectoryW
GetLastError
WriteFile
GetFileSize
ReadFile
CreateFileW
CloseHandle
lstrlenW
lstrcmpiW
FindResourceW
LoadResource
LockResource
GetCPInfo
lstrlenA
GetVersion
GetVersionExW
GetModuleFileNameW
GetPrivateProfileIntW
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
GetDiskFreeSpaceW
SizeofResource
GetProfileStringA
GlobalAddAtomA
FindResourceA
GlobalGetAtomNameW
lstrcmpW
SetFileTime
GetTempFileNameW
GetCurrentThread
GlobalAlloc
lstrcmpiA
GetThreadLocale
GetShortPathNameW
GetVolumeInformationW
GetStringTypeExW
GetFullPathNameW
SetEndOfFile
LoadLibraryW
MoveFileW
FlushFileBuffers
UnlockFile
LockFile
DuplicateHandle
SetFilePointer
GetCurrentProcess
lstrcmpA
FileTimeToLocalFileTime
MulDiv
SetLastError
LocalFree
FileTimeToSystemTime
FormatMessageW
FreeLibrary
GetModuleHandleA
LoadLibraryA
GlobalFindAtomW
GetCurrentThreadId
GlobalAddAtomW
GetProcAddress
GlobalDeleteAtom
GetModuleHandleW
GlobalFree
GlobalLock
GlobalUnlock
lstrcatW
lstrcpynW
lstrcpyW
GetModuleFileNameA
IsBadReadPtr
IsBadWritePtr
GetFileTime
FindNextFileW

user32

IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
LoadCursorW
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
MapDialogRect
GetAsyncKeyState
LoadStringW
CharUpperW
SetRectEmpty
ValidateRect
GetCursorPos
EndPaint
BeginPaint
GetWindowDC
DestroyMenu
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
CharNextW
GetDCEx
MessageBoxW
IsChild
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
TrackPopupMenu
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
IntersectRect
IsIconic
GetWindowPlacement
EndDialog
SetParent
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
DrawIcon
LoadIconW
PtInRect
GetMessagePos
ScreenToClient
GetCapture
ReleaseCapture
MapWindowPoints
SetCapture
DrawFrameControl
GetWindow
GetClassNameW
IsRectEmpty
GetMessageW
PostThreadMessageW
PeekMessageW
SetMenu
GetKeyState
MessageBeep
TranslateMessage
LockWindowUpdate
CopyAcceleratorTableW
GetNextDlgGroupItem
RegisterClipboardFormatW
GetTopWindow
SetActiveWindow
DispatchMessageW
GetFocus
GetCaretPos
keybd_event
KillTimer
SetTimer
wsprintfW
UpdateWindow
LoadImageW
GetClientRect
FrameRect
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
PostMessageW
ClientToScreen
WindowFromPoint
GetActiveWindow
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
GetWindowLongW
GetSubMenu
GrayStringW
DrawTextW
TabbedTextOutW
DeleteMenu
LoadBitmapW
GetSysColorBrush
GetMenuStringW
GetMenuItemID
GetMenuState
ModifyMenuW
GetMenuItemCount
InsertMenuW
GetSystemMetrics
GetDesktopWindow
GetDC
ReleaseDC
DestroyIcon
SystemParametersInfoW
GetSysColor
CopyRect
FillRect
SetRect
EnableWindow
InvalidateRect
SendMessageW
RemovePropW
SendDlgItemMessageW
DefWindowProcA
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
GetClassInfoA
DefDlgProcA
GetPropA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA

gdi32

CreatePen
CreateCompatibleBitmap
SetMapMode
GetTextExtentPoint32W
OffsetViewportOrgEx
CreateDIBitmap
SetViewportOrgEx
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
MoveToEx
LineTo
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
GetMapMode
SetRectRgn
DPtoLP
StretchDIBits
CombineRgn
EnumFontFamiliesExW
GetTextColor
GetCharWidthW
LPtoDP
GetBkColor
GetTextExtentPointA
BitBlt
RestoreDC
CreateRectRgnIndirect
GetClipBox
CreateFontW
GetTextMetricsW
CreateBitmap
SetBkColor
SetBkMode
CreateFontIndirectW
GetStockObject
SetTextColor
Rectangle
Escape
TextOutW
PatBlt
ExtTextOutW
PtVisible
GetObjectW
RectVisible
CreateDIBSection
DeleteObject
DeleteDC
SelectObject
SaveDC
CreateCompatibleDC
ExtTextOutA
GetDeviceCaps
CreateSolidBrush

comdlg32

GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyW
RegEnumValueW
RegOpenKeyW
RegEnumKeyW
GetFileSecurityW
RegSetValueW
RegSetValueExW
RegDeleteValueW
SetFileSecurityW

shell32

ExtractIconW
DragQueryFileW
SHGetFileInfoW
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_GetIconSize
_TrackMouseEvent
ImageList_DrawEx
ImageList_BeginDrag
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DragEnter
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

oledlg

OleUIBusyW

ole32

CLSIDFromString
CoUninitialize
CoInitialize
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoFreeUnusedLibraries
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
OleUninitialize
CoCreateInstance
OleRun

olepro32

ord253

oleaut32

SysStringLen
GetErrorInfo
VariantTimeToSystemTime
SysAllocStringLen
VariantCopy
VariantChangeType
SysFreeString
SysAllocString
VariantInit
VariantClear

Sections

.text
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 544KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19358dff95d55c2546bf07534435b56b

Headers

File Characteristics

Imports

version

bmaframe

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 388KB - Virtual size: 386KB

.rdata Size: 204KB - Virtual size: 201KB

.data Size: 32KB - Virtual size: 50KB

.rsrc Size: 544KB - Virtual size: 541KB

.text
Size: 388KB - Virtual size: 386KB

.rdata
Size: 204KB - Virtual size: 201KB

.data
Size: 32KB - Virtual size: 50KB

.rsrc
Size: 544KB - Virtual size: 541KB