2024-01-18_2dfe82f8a766848f7e5ecfbc15012eeb_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-18_2dfe82f8a766848f7e5ecfbc15012eeb_icedid
Size

2.3MB
MD5

2dfe82f8a766848f7e5ecfbc15012eeb
SHA1

629aeb6eea69b7c37400983a2e5d09b8b8537da4
SHA256

058ec574e74257a008f16984b245ec01377ad33844dab52a51b3494787d32f16
SHA512

bc876eef7ed5f5f5a2f779a5cc826573a4c653275ecf2be56a196cf12c3a252daf3002d41bc7e82ba3aff35a224bf9f20932385d21d82b00eb73aa1db7180e64
SSDEEP

49152:1kivT8TpcV/rVtbK5DNfPu/lg7R0t8ihp7dDH:19TypyrnK5hfegR0Oiv1H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-18_2dfe82f8a766848f7e5ecfbc15012eeb_icedid

Files

2024-01-18_2dfe82f8a766848f7e5ecfbc15012eeb_icedid
.exe windows:4 windows x86 arch:x86

41ea4049140a22aad54cb146ba5abd99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluOrtho2D

opengl32

wglGetProcAddress
wglGetCurrentDC
wglDeleteContext
wglMakeCurrent
wglGetCurrentContext
wglShareLists
wglCreateContext
glReadBuffer
glDrawBuffer
glEnd
glVertex2i
glTexCoord2f
glColor3ub
glBegin
glEnable
glAlphaFunc
glViewport
glLoadIdentity
glMatrixMode
glCopyTexSubImage2D
glBindTexture
glTexParameteri
glDisable
glRecti
glTexSubImage2D
glTexCoord2d
glGetTexImage
glBlendFunc
glTexImage2D
glGenTextures
glDeleteTextures
glGetString

ddraw

DirectDrawCreate

winmm

timeGetTime

kernel32

InterlockedIncrement
GetCPInfo
GetOEMCP
MoveFileA
DeleteFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
GetFileAttributesA
WritePrivateProfileStringA
SetErrorMode
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
ExitThread
RaiseException
CreateDirectoryA
ExitProcess
TerminateProcess
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
Sleep
WideCharToMultiByte
GetVersionExA
GetCurrentDirectoryA
CreateThread
GetLastError
CreateMutexA
GetProcAddress
LoadLibraryA
OutputDebugStringA
FreeLibrary
SetLastError
InterlockedExchange
GlobalFlags
GlobalFree
FormatMessageA
LocalFree
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
InterlockedDecrement
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
FindResourceA
LoadResource
LockResource
SizeofResource
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalMemoryStatus
GetModuleHandleA
GetSystemInfo
GlobalAlloc
GetACP
GlobalSize
GlobalLock
GlobalUnlock
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA

user32

InflateRect
GetMenuItemInfoA
GetSysColorBrush
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
AdjustWindowRectEx
DeferWindowPos
RegisterClassA
UnregisterClassA
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
RegisterWindowMessageA
wsprintfA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
TabbedTextOutA
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetMenu
PeekMessageA
GetCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
SetMenu
ShowWindow
GetWindowLongA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
EnableWindow
TranslateAcceleratorA
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
ReleaseDC
ChangeDisplaySettingsA
EnumDisplaySettingsA
SetRect
GetDC
MessageBoxA
LoadIconA
SendMessageA
UpdateWindow
ReleaseCapture
GetCursorPos
PtInRect
SetCursor
DestroyCursor
GetSystemMetrics
LoadCursorA
SetCapture
KillTimer
SetTimer
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
IsZoomed
IsIconic
PostMessageA
FillRect
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
GetWindowDC
GrayStringA
DrawTextExA
GetClassInfoA
DrawTextA
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
CreateWindowExA
SetWindowsHookExA
SetFocus
CallNextHookEx
GetDlgCtrlID

gdi32

RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
DeleteObject
SetBkMode
SetMapMode
BitBlt
GetPixel
GetObjectA
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreatePatternBrush
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetTextExtentPoint32A
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
SwapBuffers
SetPixelFormat
ChoosePixelFormat
PtVisible
DescribePixelFormat

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

ws2_32

inet_addr
bind
WSASetLastError
connect
sendto
htons
WSAAsyncSelect
htonl
gethostbyname
select
socket
recv
WSACancelAsyncRequest
inet_ntoa
WSAAsyncGetHostByName
shutdown
WSAGetLastError
accept
closesocket
WSACleanup
WSAStartup
recvfrom
send

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 500KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41ea4049140a22aad54cb146ba5abd99

Headers

File Characteristics

Imports

glu32

opengl32

ddraw

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

ws2_32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 500KB - Virtual size: 497KB

.data Size: 20KB - Virtual size: 1.7MB

.rsrc Size: 80KB - Virtual size: 76KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 500KB - Virtual size: 497KB

.data
Size: 20KB - Virtual size: 1.7MB

.rsrc
Size: 80KB - Virtual size: 76KB