2024-01-18_c7171e5a506018926c1500ddd292d79a_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-18_c7171e5a506018926c1500ddd292d79a_icedid
Size

4.7MB
MD5

c7171e5a506018926c1500ddd292d79a
SHA1

d6d6e60e9aa6caf739b2fc3dabc79fb376eb1744
SHA256

b5527ab68e1f56e8bb409d2553e0ba211270be3b2f211754fb6d81e70475655a
SHA512

4fe4db39fdd239bd0790fd48f97c0f471fb09c77b38cd0f3f079fd0f9e8eea22ac06289ceda3270dd44d5fb066537175905137fe3c0ec2626bdac93ee326c86b
SSDEEP

98304:X7qyAeFYQ54O1qqQR0NEjH1+oWgQjjT5qdBBmNgsJm2:eyAeZ4O1qqQR0NEjH17QjjaBcgsJd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-18_c7171e5a506018926c1500ddd292d79a_icedid

Files

2024-01-18_c7171e5a506018926c1500ddd292d79a_icedid
.exe windows:5 windows x86 arch:x86

0a2074bded1c3ef1aeabcf3c0f4edff9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
GetStdHandle
SetHandleCount
HeapCreate
VirtualFree
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
RemoveDirectoryA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetStartupInfoA
GetCommandLineA
SetCurrentDirectoryA
SetEnvironmentVariableA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
GetSystemDirectoryW
LoadLibraryW
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetModuleHandleW
SystemTimeToFileTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
MoveFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileIntA
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
GetCurrentProcessId
InterlockedDecrement
GetModuleFileNameW
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GlobalFree
lstrlenA
lstrcpyA
CreateProcessA
WaitForSingleObject
Sleep
SetThreadLocale
GetTempPathA
GetSystemTime
WritePrivateProfileStringA
GetPrivateProfileStringA
MultiByteToWideChar
lstrcpynA
DeleteFileA
GetVersionExA
GetSystemDefaultLangID
GetModuleFileNameA
GetTickCount
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetModuleHandleA
GetLastError
SetLastError
GetLogicalDriveStringsA
FreeLibrary
LoadLibraryA
GetConsoleMode
GetProcAddress
CreateDirectoryA

user32

SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
MessageBeep
CreateDialogIndirectParamA
IsDialogMessageA
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
IsWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
RemoveMenu
GetFocus
SetCapture
GetCapture
KillTimer
ScreenToClient
MapWindowPoints
DrawFocusRect
DrawFrameControl
OffsetRect
GetMessagePos
ReleaseCapture
CopyRect
LoadIconA
GetSystemMenu
GetMenuStringA
AppendMenuA
SetPropA
GetKeyState
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetRect
GetWindowRect
SetCursor
GetDlgCtrlID
SetWindowPos
LoadCursorA
LoadMenuA
InsertMenuA
GetSubMenu
EnableWindow
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
DeleteMenu
PtInRect
ClipCursor
SetClassLongA
LoadImageA
InvalidateRect
SetTimer
UpdateWindow
GetPropA
ReleaseDC
GetDC
GetClientRect
GetSystemMetrics
GetSysColor
GetParent
PostMessageA
SetWindowTextA
MoveWindow
ShowWindow
ClientToScreen
LockWindowUpdate
GetDCEx
TranslateMessage
DispatchMessageA
SendMessageA
GetTabbedTextExtentA
CreateMenu
DestroyWindow
PostThreadMessageA
DestroyIcon
UnregisterClassA
GetSysColorBrush
SetParent
SetCursorPos
RedrawWindow
WindowFromPoint
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
CharUpperA
GetWindowDC
GetMenuItemInfoA
DestroyCursor
SetWindowRgn
DrawIcon
IsRectEmpty
SetRectEmpty
IsZoomed
RegisterClipboardFormatA
WaitMessage
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageA
GetCursorPos
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
InflateRect
EndPaint
SetActiveWindow
BeginPaint
DestroyMenu

gdi32

PolyBezier
CreateRectRgnIndirect
CreatePen
GetDeviceCaps
CreateDCA
PatBlt
GetClipBox
SetTextColor
SetBkColor
GetObjectA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetTextMetricsA
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
CreateFontIndirectA
SetRectRgn
CombineRgn
GetMapMode
CreateEllipticRgn
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
GetCharWidthA
StretchDIBits
GetTextColor
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
ExtTextOutA
Escape
TextOutA
RectVisible
PtVisible
CreateSolidBrush
LPtoDP
Arc
CreateCompatibleBitmap
DPtoLP
BitBlt
Rectangle
Polygon
Ellipse
Polyline
GetROP2
GetBkColor
CreateFontA
GetTextExtentPoint32A
SetWindowOrgEx
CreateBitmap
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyA
RegFlushKey
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegDeleteKeyA
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

shell32

DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA
DragAcceptFiles
Shell_NotifyIconA
DragQueryFileA
ExtractIconA
SHBrowseForFolderA

comctl32

ImageList_GetIconSize
ImageList_DrawEx

shlwapi

PathFindExtensionA
PathRemoveExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveFileSpecW

oledlg

ord8

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleRun
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
CoInitializeEx
OleTranslateAccelerator

oleaut32

VariantClear
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VariantChangeType

ws2_32

WSASetLastError
WSACleanup
WSAStartup

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a2074bded1c3ef1aeabcf3c0f4edff9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 258KB - Virtual size: 258KB

.data Size: 26KB - Virtual size: 48KB

.rsrc Size: 2.8MB - Virtual size: 2.8MB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 258KB - Virtual size: 258KB

.data
Size: 26KB - Virtual size: 48KB

.rsrc
Size: 2.8MB - Virtual size: 2.8MB