2024-01-22_ea55d9fb6882c3569dfc72c5557e5720_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-22_ea55d9fb6882c3569dfc72c5557e5720_icedid
Size

2.9MB
MD5

ea55d9fb6882c3569dfc72c5557e5720
SHA1

ef45656c36253b1194f8e0b0a6225b72f8f9d0fc
SHA256

a2906debfa13a71bfc13e1e46e7cf2a38434728339a9a5ec6b08f6e7204229d2
SHA512

b23f029fe960a5f83b845019c48584d226538ae51b07451a9e1382e1abc83ddefc209b671bee912c1322a851ff43191644a086f95581a334635df705e6ce146a
SSDEEP

12288:KX9p+vW+7e4inm85LXw3ysar+JnG3H7AhgRrJVyHpEkMKG:KuvW9rXw3y5uCEXHpEHKG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-22_ea55d9fb6882c3569dfc72c5557e5720_icedid

Files

2024-01-22_ea55d9fb6882c3569dfc72c5557e5720_icedid
.exe windows:5 windows x86 arch:x86

b2be9d3bcd366f00a434d454335aedce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundW
mmioOpenW
mmioDescend
mmioClose
mmioRead
mmioAscend
waveOutOpen
waveOutGetErrorTextW
waveOutReset
waveOutClose
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveInOpen
waveInGetErrorTextW
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInStop
waveInReset
waveInClose
waveInUnprepareHeader
mixerOpen
mixerClose
mixerGetNumDevs
mixerGetID
mixerGetLineInfoW
mixerGetLineControlsW
mixerSetControlDetails
mixerGetControlDetailsW
mmioCreateChunk
mmioWrite

kernel32

ReleaseSemaphore
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
WritePrivateProfileStringW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetFileAttributesW
GetFileSizeEx
GetFileTime
CreateEventW
GetTickCount
GetStartupInfoW
HeapAlloc
HeapFree
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeA
GetFullPathNameA
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
ExitThread
CreateSemaphoreW
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetCurrentDirectoryA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateThread
InterlockedIncrement
SuspendThread
WaitForSingleObject
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleHandleA
lstrcmpA
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
VirtualProtect
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
GetCurrentProcessId
GetModuleFileNameW
lstrcpynW
FreeLibrary
CloseHandle
CreateMutexW
lstrcpynA
WaitForMultipleObjects
GetCurrentThreadId
ResetEvent
SetEvent
WideCharToMultiByte
Sleep
lstrcpyW
lstrcmpiW
FreeResource
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
GetCPInfo
lstrlenA
GetVersionExW
GetVersion
CreateDirectoryW
lstrcatW
GetCurrentDirectoryW
GetLastError
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
SetErrorMode

user32

IsDialogMessageW
SetWindowTextW
MoveWindow
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MapDialogRect
CharUpperW
SetRectEmpty
GetWindowDC
BeginPaint
EndPaint
DestroyMenu
ValidateRect
TranslateMessage
GetMessageW
CharNextW
SetWindowContextHelpId
LoadCursorW
UnregisterClassW
IsRectEmpty
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
IsWindowVisible
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetDlgCtrlID
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetActiveWindow
CreateDialogIndirectParamW
IsWindow
GetDlgItem
EndDialog
GetMenuStringW
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxW
DefWindowProcW
DestroyWindow
ShowWindow
CreateWindowExW
RegisterClassExW
SetForegroundWindow
GetCursorPos
FlashWindow
DrawIcon
IsIconic
GetSystemMenu
LoadIconW
UpdateWindow
KillTimer
SetTimer
PostThreadMessageW
PostQuitMessage
GetWindowInfo
PeekMessageW
CheckMenuItem
PtInRect
DrawFrameControl
RedrawWindow
EnableMenuItem
LoadMenuW
SetWindowRgn
FrameRect
LoadImageW
DrawStateW
OffsetRect
InflateRect
GetWindowRect
GetActiveWindow
WindowFromPoint
ClientToScreen
SetCursor
GetNextDlgTabItem
IsMenu
GetWindowLongW
DestroyCursor
GetKeyState
SetCapture
GetClientRect
ReleaseCapture
InvalidateRect
DrawFocusRect
GrayStringW
DrawTextExW
TabbedTextOutW
GetSubMenu
LoadBitmapW
GetSysColorBrush
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuState
ModifyMenuW
GetMenuItemCount
AppendMenuW
ReleaseDC
GetDC
GetDesktopWindow
GetSystemMetrics
DestroyIcon
DrawIconEx
SystemParametersInfoW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
DrawTextW
GetMenuItemInfoW
SetRect
DrawEdge
FillRect
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetWindow
DispatchMessageW
GetSysColor
CopyRect
GetParent
PostMessageW
SendMessageW
EnableWindow
wsprintfA
GetForegroundWindow

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
GetBkColor
CreateBitmap
GetStockObject
CreateRectRgnIndirect
GetCharWidthW
StretchDIBits
SaveDC
RestoreDC
SetBkMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
PatBlt
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetTextColor
GetRgnBox
GetCurrentObject
CreateFontW
SetPixel
GetPixel
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
GetBkMode
CreatePen
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
CombineRgn
CreateRectRgn
SetTextColor
SetBkColor
GetClipBox

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW

shell32

SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
ShellExecuteExW
Shell_NotifyIconW
SHBrowseForFolderW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitializeEx
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantClear
SysStringLen
SysFreeString
SysAllocStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect

iphlpapi

GetAdaptersInfo

ws2_32

socket
htons
WSAStartup
recv
closesocket
send
gethostbyname
connect

wininet

InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable
InternetCloseHandle
InternetGetLastResponseInfoW
InternetOpenW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetOpenUrlW
InternetGetConnectedState

Sections

.text
Size: 575KB - Virtual size: 574KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2be9d3bcd366f00a434d454335aedce

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

iphlpapi

ws2_32

wininet

Sections

.text Size: 575KB - Virtual size: 574KB

.rdata Size: 156KB - Virtual size: 155KB

.data Size: 13KB - Virtual size: 29KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.text
Size: 575KB - Virtual size: 574KB

.rdata
Size: 156KB - Virtual size: 155KB

.data
Size: 13KB - Virtual size: 29KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB