2024-01-11_dabe9c767451c56829165b64c708ac69_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-11_dabe9c767451c56829165b64c708ac69_icedid
Size

430KB
MD5

dabe9c767451c56829165b64c708ac69
SHA1

945bc0cfb35d63739a2aa2b954df689bf277c2b4
SHA256

7651c958d9186be5c704c38521914a74c861a5c8fffa4ff7787d1fa317dd88f5
SHA512

6138610a8e0422d1c3f0a3148eee21360b3948a6c48a60ce4a7113b1a9a6357d81793c9acef47db0a62c2d5def940768dcaea3744d2169dacc7f3cd4d9c17257
SSDEEP

6144:yCzoMXoIRzBjsRf4hXaXm2QpCU54LdakSBgYwevAEH0VzTBgKWNiGB21Ykoc:yCzoMJ5sRwhXp2asdakSBlHwTyKWNuGc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-11_dabe9c767451c56829165b64c708ac69_icedid

Files

2024-01-11_dabe9c767451c56829165b64c708ac69_icedid
.exe windows:4 windows x86 arch:x86

591806a63bd95f5a1c7617b0e1d3afa9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathGetArgsA
PathRemoveArgsA
PathUnquoteSpacesA
PathFileExistsA

psapi

GetModuleBaseNameA
EnumProcesses

kernel32

LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetFileTime
InterlockedIncrement
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCurrentDirectoryA
GlobalFlags
SetErrorMode
GetCPInfo
GetOEMCP
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitThread
HeapReAlloc
InterlockedDecrement
ExitProcess
SetEnvironmentVariableA
GetSystemTimeAsFileTime
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
FreeResource
GetFullPathNameA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReleaseSemaphore
CreateSemaphoreA
SuspendThread
SetThreadPriority
GlobalAddAtomA
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
lstrcpynA
GetCurrentProcess
HeapFree
HeapAlloc
ReadFile
LocalAlloc
MoveFileA
WritePrivateProfileStringA
GetWindowsDirectoryA
GetSystemDirectoryA
FreeLibrary
GlobalHandle
GetLocalTime
LoadLibraryA
GetProcAddress
CreateThread
GetCurrentProcessId
GetCurrentThreadId
OpenEventA
PulseEvent
SetFilePointer
SetVolumeLabelA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetTickCount
WriteFile
OpenProcess
GetPrivateProfileStringA
GetTempFileNameA
GetExitCodeProcess
CreateProcessA
GetDiskFreeSpaceExA
SetFileAttributesA
Sleep
OpenFileMappingA
GetTempPathA
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
GlobalAlloc
SetEvent
CreateFileA
GetShortPathNameA
GetCommandLineA
GetVolumeInformationA
FileTimeToLocalFileTime
FileTimeToSystemTime
OutputDebugStringA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
CreateMutexA
WaitForSingleObject
FormatMessageA
LocalFree
GetModuleHandleA
GetModuleFileNameA
ReleaseMutex
ResumeThread
SetCurrentDirectoryA
MoveFileExA
CreateDirectoryA
FindFirstFileA
FindNextFileA
CopyFileA
DeleteFileA
FindClose
RemoveDirectoryA
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetStartupInfoA
GetUserDefaultUILanguage

user32

DestroyMenu
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
CharUpperA
RegisterWindowMessageA
FindWindowA
PostMessageA
EnableWindow
LoadCursorA
GetSysColor
ReleaseDC
GetDC
UnregisterClassA
DefWindowProcA
CallWindowProcA
GetWindowPlacement
PtInRect
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
GetSystemMetrics
GetWindowTextA
SetWindowPos
ShowWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetWindow
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
GetKeyState
GetCursorPos
ValidateRect
MessageBoxA
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CopyRect
SendMessageA
GetClientRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
SystemParametersInfoA
AttachThreadInput
GetWindowRect
UpdateWindow
GetParent
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
OemToCharBuffA
CharToOemBuffA
wsprintfA
GetForegroundWindow
SetFocus
SetForegroundWindow
SetActiveWindow
IsWindowVisible
IsIconic

gdi32

ScaleWindowExtEx
SetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SelectObject
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

LsaOpenPolicy
AllocateAndInitializeSid
GetNamedSecurityInfoA
BuildTrusteeWithSidA
SetEntriesInAclA
SetNamedSecurityInfoA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA

shell32

SHFileOperationA

comctl32

ord17

oleaut32

VariantClear
VariantChangeType
VariantInit

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

591806a63bd95f5a1c7617b0e1d3afa9

Headers

File Characteristics

Imports

shlwapi

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oleaut32

version

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 24KB - Virtual size: 20KB