Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-18_9b0ea76539a47b060026ee5284b01c70_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-18_9b0ea76539a47b060026ee5284b01c70_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-01-18_9b0ea76539a47b060026ee5284b01c70_icedid
Size: 1.0MB
MD5: 9b0ea76539a47b060026ee5284b01c70
SHA1: def23c925738c8f560f0be3fd794937dea47eb39
SHA256: a0e36ee077c143438ad26bf90bdbc92720ea5b181ef158bc5df8ad175a8a1165
SHA512: c00bfbb32fe1098d4fef8e3dd2b0754c3d35b041056b1dd6ab00baa6d00754a7a3c685dd48cb756384dd395aa72cbb96414ef60edd126535d517af754d60b034
SSDEEP: 24576:4sXgyF2YnnYg9NVADCvhmmZpYKgfKbb21:/gyF3Yg9NVJhvZe3fKbb
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-01-18_9b0ea76539a47b060026ee5284b01c70_icedid
Files
-
2024-01-18_9b0ea76539a47b060026ee5284b01c70_icedid.exe windows:4 windows x86 arch:x86
83251b983acdc86c8a722a4a0c898841
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
GetStartupInfoW
ExitProcess
RtlUnwind
HeapReAlloc
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetErrorMode
GetFileTime
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
GetCurrentThread
lstrcmpiA
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetPrivateProfileIntW
lstrcmpA
FormatMessageW
LocalFree
MulDiv
lstrcpynW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryA
lstrlenW
lstrcatW
lstrcmpW
GetVersionExA
WideCharToMultiByte
FlushInstructionCache
HeapAlloc
GetCurrentThreadId
GetProcessHeap
HeapFree
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
UnmapViewOfFile
ReleaseSemaphore
CreateSemaphoreW
CreateFileMappingW
MapViewOfFile
lstrcpyW
GetModuleHandleW
GetCurrentProcess
GetDriveTypeW
lstrcmpiW
WritePrivateProfileStringW
GetPrivateProfileStringW
FreeResource
GetTempPathW
GetExitCodeProcess
Sleep
DeleteFileW
GetModuleFileNameW
lstrlenA
GetSystemDefaultUILanguage
GetLocaleInfoW
SetLastError
GetFileAttributesW
CreateDirectoryW
MultiByteToWideChar
ReadFile
LeaveCriticalSection
EnterCriticalSection
CreateEventW
GetSystemTimeAsFileTime
WriteFile
GetOverlappedResult
CancelIo
WaitForSingleObject
TerminateThread
SetThreadPriority
CreateFileW
CloseHandle
GetLastError
OutputDebugStringW
FreeLibrary
LoadLibraryW
GetProcAddress
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
LoadResource
LockResource
SizeofResource
FindResourceW
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapDestroy
GetVersionExW
user32
PostThreadMessageW
GetMenuItemInfoW
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
CharUpperW
SetWindowRgn
EndPaint
BeginPaint
GetDC
GrayStringW
DrawTextExW
TabbedTextOutW
FillRect
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
WinHelpW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetMenu
RegisterClipboardFormatW
GetMenuItemID
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterClassExW
wsprintfW
GetClassInfoExW
CreateWindowExW
CallWindowProcW
SetWindowLongW
DestroyWindow
ValidateRect
GetForegroundWindow
GetWindowThreadProcessId
RegisterWindowMessageW
CloseWindow
GetMenuInfo
InvalidateRgn
CopyAcceleratorTableW
SetRect
SetMenuDefaultItem
CheckMenuItem
CreatePopupMenu
GetDoubleClickTime
IsRectEmpty
GetWindowDC
ReleaseDC
IsIconic
DrawIcon
IntersectRect
GetSystemMenu
AppendMenuW
PostQuitMessage
MessageBoxW
FindWindowW
ShowWindow
SetForegroundWindow
DefDlgProcW
GetSysColor
RegisterClassW
DrawEdge
GetWindow
UnionRect
SetRectEmpty
InflateRect
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
CharNextW
LoadMenuW
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
GetKeyState
OpenClipboard
MessageBeep
GetClipboardData
CloseClipboard
PostMessageW
RedrawWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
RegisterDeviceNotificationW
UnregisterDeviceNotification
InsertMenuItemW
BringWindowToTop
SetMenu
TranslateAcceleratorW
GetSysColorBrush
GetSubMenu
DestroyMenu
GetClassInfoW
DefWindowProcW
DrawTextW
OffsetRect
GetNextDlgGroupItem
GetWindowLongW
ClientToScreen
WindowFromPoint
GetWindowRect
MapVirtualKeyW
ReleaseCapture
GetCapture
SetCapture
GetSystemMetrics
InvalidateRect
SetCursor
ScreenToClient
PtInRect
GetCursorPos
KillTimer
SetTimer
CopyRect
LoadCursorW
UnregisterClassW
SystemParametersInfoW
GetParent
SendMessageW
IsWindow
IsWindowVisible
GetClientRect
EnableWindow
GetMenuItemCount
gdi32
GetDeviceCaps
CreatePen
CreateRectRgnIndirect
GetMapMode
CreateEllipticRgn
LPtoDP
Ellipse
GetBkColor
GetTextColor
MoveToEx
LineTo
SelectClipRgn
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetRgnBox
GetStockObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateSolidBrush
Rectangle
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
CreateDIBSection
SelectObject
GetTextMetricsW
GetCurrentObject
CombineRgn
CreateRectRgn
GetObjectW
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectW
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
SetSecurityDescriptorSacl
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
shell32
ShellExecuteExW
Shell_NotifyIconW
DragQueryFileW
DragFinish
ShellExecuteW
comctl32
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathSetDlgItemPathW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
OleFlushClipboard
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleIsCurrentClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
gdiplus
GdipCreateHatchBrush
GdipCreateFromHWNDICM
GdipCreateFromHWND
GdipGetPathWorldBoundsI
GdipDrawImagePointRectI
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipAddPathArc
GdipAddPathArcI
GdipSetStringFormatTrimming
GdipDrawRectangleI
GdipSetPenColor
GdipReleaseDC
GdipTranslateWorldTransform
GdipDrawEllipseI
GdipFillEllipseI
GdipSetPenWidth
GdipCreateLineBrushI
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipCreatePen1
GdipDeletePen
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawPath
GdipFillPath
GdipCreateSolidFill
GdipCreatePen2
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipDrawLineI
GdipFillRectangleI
GdipDrawString
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipDrawRectangle
GdipSetPenDashStyle
GdipDrawLine
GdipAddPathLine
GdipFillRectangle
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCloneImage
GdipDrawImageRectI
GdipDrawImageRectRectI
GdipSetPenDashCap197819
GdipDrawLines
GdipSetTextRenderingHint
GdipMeasureString
GdipCreateLineBrushFromRectWithAngleI
GdipClonePath
GdipClosePathFigure
setupapi
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
winmm
timeKillEvent
timeSetEvent
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text   Size: 568KB - Virtual size: 564KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 160KB - Virtual size: 159KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 12KB - Virtual size: 27KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 288KB - Virtual size: 287KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ