Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-11_a81d5e3daf43ca14a7cf4952a0359c9f_icedid.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-11_a81d5e3daf43ca14a7cf4952a0359c9f_icedid.exe
Resource: win10v2004-20231215-en
General
Target: 2024-01-11_a81d5e3daf43ca14a7cf4952a0359c9f_icedid
Size: 2.2MB
MD5: a81d5e3daf43ca14a7cf4952a0359c9f
SHA1: a9f937aa3e7cd95d86931a071809f8ad2c38b6b6
SHA256: abc42e5a7410ca777b4e2e01f6998ed9a18352584032e4b5381ce1122dbfff17
SHA512: be62452b41d36cddfef3f4195953a4d9c69e850295579e2a0eed1ef80b8a5da3db49a5684eb79200c16246ba19c1ee0faf022b31438016d71a418f180c3a22a4
SSDEEP: 49152:6RT2JiX2CTh4hSqzDtKVGfSXG9JXVlxulr29/Sr3tTqAUz0M6w8MtB:6UiX2oh4IqkVGKXG9JXVlxulr29/Sr3+
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2024-01-11_a81d5e3daf43ca14a7cf4952a0359c9f_icedid
Files
2024-01-11_a81d5e3daf43ca14a7cf4952a0359c9f_icedid.exe windows:5 windows x86 arch:x86
79a15cdc97176b03e5675c649481f2d3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveOutGetNumDevs
waveOutGetVolume
quartz
AMGetErrorTextW
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
kernel32
SetErrorMode
GetStartupInfoW
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapReAlloc
ExitProcess
HeapSize
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
LCMapStringA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
GlobalGetAtomNameW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
lstrcmpA
GetLocaleInfoW
CompareStringA
GetFileSizeEx
GetFileAttributesExW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrlenA
GetFullPathNameW
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
InitializeCriticalSection
InterlockedDecrement
GetModuleHandleA
MulDiv
SuspendThread
SetThreadPriority
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
SetLastError
GetVersionExA
SetFileTime
GetFileTime
SetFileAttributesW
Sleep
GetVolumeInformationW
GetDriveTypeW
CreateDirectoryW
LoadLibraryW
FreeLibrary
EnumResourceLanguagesW
GetVersion
GetProcAddress
LocalSize
LocalAlloc
GetDiskFreeSpaceExW
GetModuleFileNameW
GetTimeFormatW
GetDateFormatW
GetCurrentProcessId
InterlockedExchange
FileTimeToSystemTime
FileTimeToLocalFileTime
CompareFileTime
lstrcmpW
FindClose
FindNextFileW
FindFirstFileW
lstrcmpiW
MultiByteToWideChar
SetEndOfFile
SetFilePointer
GetTickCount
WideCharToMultiByte
GetPrivateProfileStringW
ResumeThread
DeleteFileW
GetFileAttributesW
GetLocalTime
SizeofResource
lstrlenW
lstrcatW
GlobalAlloc
GlobalLock
LocalFree
GetModuleHandleW
FormatMessageW
CreateFileW
DeleteCriticalSection
CloseHandle
WaitForSingleObject
GetFileSize
CreateEventW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WriteFile
ReadFile
GetLastError
GlobalFree
GlobalHandle
GlobalUnlock
OutputDebugStringW
SetEvent
lstrcpyW
FreeResource
LockResource
LoadResource
FindResourceW
GetStartupInfoA
user32
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
DestroyMenu
GetMenuItemInfoW
GetWindowThreadProcessId
CharUpperW
SetWindowRgn
SystemParametersInfoW
WindowFromPoint
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
GetMessageW
GetCursorPos
ValidateRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetSysColorBrush
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
ShowScrollBar
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
InsertMenuItemW
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
RegisterDeviceNotificationW
GetSystemMenu
CopyRect
GetDlgItem
LoadStringW
SetCursor
ChangeDisplaySettingsExW
SetFocus
SetForegroundWindow
ShowWindow
FindWindowW
AppendMenuW
CreatePopupMenu
DrawFocusRect
GetSysColor
IsRectEmpty
IntersectRect
GetFocus
InflateRect
RedrawWindow
ReleaseDC
GetDC
FillRect
KillTimer
SetTimer
DispatchMessageW
TranslateMessage
PeekMessageW
SetScrollPos
GetScrollRange
CopyAcceleratorTableW
InvalidateRgn
TranslateAcceleratorW
BringWindowToTop
PostThreadMessageW
RegisterClipboardFormatW
GetNextDlgGroupItem
GetScrollPos
SetScrollRange
MessageBeep
UnregisterClassW
CharNextW
UnpackDDElParam
ReuseDDElParam
UnhookWindowsHookEx
LoadAcceleratorsW
DrawIcon
IsIconic
LoadIconW
GetDlgCtrlID
UpdateWindow
SetRect
LoadBitmapW
AdjustWindowRectEx
LoadCursorW
OffsetRect
InvalidateRect
GetParent
IsWindowVisible
SendMessageW
DrawTextW
GetClientRect
ReleaseCapture
ClientToScreen
SetCapture
PtInRect
SetWindowPos
GetSystemMetrics
GetWindowRect
SetWindowLongW
GetWindowLongW
IsWindow
wsprintfW
PostMessageW
SetActiveWindow
GetActiveWindow
EnableWindow
IsWindowEnabled
GetDesktopWindow
ScreenToClient
SetRectEmpty
TrackPopupMenu
gdi32
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ExcludeClipRect
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePen
CreateEllipticRgn
LPtoDP
Ellipse
GetMapMode
GetRgnBox
GetBkColor
GetTextColor
SetMapMode
GetStockObject
MoveToEx
LineTo
SetBkMode
SetTextColor
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW
DeleteObject
CreateFontIndirectW
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
AbortDoc
EndDoc
EndPage
Polyline
GetDIBits
StretchDIBits
SetDIBitsToDevice
SelectPalette
StartPage
StartDocW
GetDeviceCaps
CreateDCW
CreateDIBitmap
GetPixel
CreateSolidBrush
SelectClipRgn
CreateRectRgnIndirect
CreatePatternBrush
GetTextExtentPoint32W
StretchBlt
SetStretchBltMode
GetObjectA
SetLayout
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteValueW
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyW
RegFlushKey
RegSetValueExW
RegCreateKeyExW
RegCloseKey
shell32
DragFinish
SHGetSpecialFolderPathW
ShellExecuteExW
ord4
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
DragQueryFileW
ShellExecuteW
ord2
SHGetDesktopFolder
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
OleFlushClipboard
GetRunningObjectTable
CreateItemMoniker
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
oleaut32
SysFreeString
SafeArrayDestroy
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysStringLen
VariantInit
VariantChangeType
SysAllocStringLen
SystemTimeToVariantTime
OleCreateFontIndirect
VariantTimeToSystemTime
VariantClear
GetErrorInfo
gdiplus
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipDrawString
GdipCreatePen1
GdipDeletePen
GdipCreateFromHDC
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDrawImageRectRect
GdipDisposeImage
GdipImageRotateFlip
GdipCloneImage
GdipDrawLineI
GdipAlloc
GdipFree
wininet
InternetSetFilePointer
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetSetOptionExW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetAttemptConnect
InternetGetConnectedState
HttpAddRequestHeadersW
HttpQueryInfoW
InternetSetOptionW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetReadFile
InternetWriteFile
HttpSendRequestExW
HttpSendRequestW
InternetSetStatusCallbackW
HttpEndRequestW
InternetOpenW
Sections
.text Size: 655KB - Virtual size: 654KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 205KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ