2024-01-18_4acbca951bcd893d617e516f653a9da7_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-18_4acbca951bcd893d617e516f653a9da7_icedid
Size

320KB
MD5

4acbca951bcd893d617e516f653a9da7
SHA1

1187cb6b1943b075a03793cee6c42ba7620dbe00
SHA256

321959b7bee588f415ee1c41a773497a207a7b0c75da2069c91f06800a6efde3
SHA512

c5f9075a76d7e25a267f4b981cf75fbd74cbd5be223cdb06626e3652f26edfbe945fd953529166861dc7eb7e85d11612d939d9d4380fe01f3ccf57335e3e7686
SSDEEP

6144:vHyUFNjPiy8QIOT4+bwZqMe7yW8esIa4rFRxd:vHXZP+QI9+bwMM74r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-18_4acbca951bcd893d617e516f653a9da7_icedid

Files

2024-01-18_4acbca951bcd893d617e516f653a9da7_icedid
.exe windows:4 windows x86 arch:x86

1796c0055782bdbceff695b0226a6b69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

unrar

RAROpenArchiveEx
RARReadHeader
RARProcessFile
RARCloseArchive

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

secur32

GetUserNameExA

wininet

InternetQueryDataAvailable
HttpQueryInfoA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetErrorDlg
InternetSetOptionExA
InternetConnectA

kernel32

DuplicateHandle
GetVolumeInformationA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetFileTime
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
HeapAlloc
SetEndOfFile
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
SetEnvironmentVariableA
HeapReAlloc
TerminateProcess
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
UnlockFile
LockFile
FlushFileBuffers
WriteFile
MoveFileA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
FreeResource
SetLastError
GlobalFree
MulDiv
lstrcpynA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetCurrentThreadId
GetLocalTime
ReadFile
GetStartupInfoA
SetFilePointer
GetModuleFileNameA
GetDriveTypeA
LocalAlloc
GetFullPathNameA
SetErrorMode
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
Sleep
GetTempFileNameA
CreateDirectoryA
GetPrivateProfileSectionNamesA
DeleteFileA
CopyFileA
WritePrivateProfileStringA
CreateThread
CreateMutexA
SetThreadLocale
GetTempPathA
GetCommandLineA
CreateFileA
GetFileAttributesA
SetFileAttributesA
FindNextFileA
RemoveDirectoryA
FormatMessageA
LocalFree
GetPrivateProfileStringA
GetCurrentProcess
SetCurrentDirectoryA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
FindFirstFileA
FindClose
DeleteCriticalSection
InitializeCriticalSection
RaiseException
FindResourceA
LoadResource
LockResource
SizeofResource
GetEnvironmentVariableA
CompareStringW
CompareStringA
LoadLibraryA
GetProcAddress
CloseHandle
FreeLibrary
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapFree

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindowTextA
GetFocus
SetWindowPos
SetFocus
ShowWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindow
IsWindowVisible
GetWindowRect
LoadBitmapA
PostMessageA
GetDesktopWindow
CharToOemA
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
GetClientRect
IsIconic
SendMessageA
DrawIcon
MessageBoxA
UnregisterClassA
ExitWindowsEx
EnableWindow
CharUpperA
PostQuitMessage

gdi32

SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
SetMapMode
OffsetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetUserNameA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1796c0055782bdbceff695b0226a6b69

Headers

File Characteristics

Imports

unrar

version

secur32

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

oleacc

Sections

.text Size: 224KB - Virtual size: 221KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 224KB - Virtual size: 221KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 20KB - Virtual size: 17KB