2024-01-23_9ad6dfbd91c0c8688213b5b1f98905b7_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-23_9ad6dfbd91c0c8688213b5b1f98905b7_icedid
Size

256KB
MD5

9ad6dfbd91c0c8688213b5b1f98905b7
SHA1

d256d685910dbb97585d23f56bd63b78c3aad2c2
SHA256

2cf9b18286548c37452cf8dd425376ff2de149991326ec907caef7f409208d0a
SHA512

c8929056921ebc465265fb3ae7949e187b8f0527602fa7d5c96761aff3819b44b31993d64e613eb0a8051e39c6f9dd0165957fee137c2b50720fa876c6a36ad1
SSDEEP

6144:bF/h6VIDn6gz5PtdANhQenfDJbrqlE4XmxS:bFRPtmhQe7lrqWT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-23_9ad6dfbd91c0c8688213b5b1f98905b7_icedid

Files

2024-01-23_9ad6dfbd91c0c8688213b5b1f98905b7_icedid
.exe windows:5 windows x86 arch:x86

f9a0b1fddb2ab10ced978b5fdc9c54eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rtclientsdk71

AvsPtzControl
AvsPtzMaxPreset
AvsPtzStatus
AvsOpenSocket
AvsConnect
AvsLogin
AvsPtzConnect
AvsDisconnect
AvsCloseSocket

dinput8

DirectInput8Create

kernel32

GetFileAttributesA
GetFileSizeEx
GetFileTime
WritePrivateProfileStringA
RtlUnwind
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RaiseException
VirtualAlloc
HeapReAlloc
ExitThread
CreateThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FileTimeToLocalFileTime
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
SetErrorMode
FileTimeToSystemTime
GetModuleHandleW
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
lstrlenA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryA
GetLastError
MultiByteToWideChar
FreeLibrary
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
MulDiv
GetProcAddress
SetLastError
GetModuleFileNameA
SetCurrentDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
Sleep
GetModuleHandleA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
IsDebuggerPresent

user32

GetSysColorBrush
SetCursor
PostQuitMessage
CharUpperA
GetMessageA
TranslateMessage
ValidateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetCursorPos
WindowFromPoint
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetDlgItemTextA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcA
GetMenu
SetWindowPos
CopyRect
SetRect
SetWindowRgn
GetWindowRgn
GetClientRect
RedrawWindow
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
EndPaint
UnregisterClassA
DestroyMenu
GetForegroundWindow
SetCapture
GetParent
EnableWindow
SendMessageA
PtInRect
PostMessageA
ReleaseCapture
ReleaseDC
InvalidateRect
CallWindowProcA
GetWindowLongA
GetDC
SetWindowLongA
DrawTextA
DrawFrameControl
GetSysColor
OffsetRect
BringWindowToTop
GetWindowRect
GetCapture
LoadCursorA
BeginPaint
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
TabbedTextOutA
IsWindow
LoadImageA
FindWindowA
GetSystemMetrics
LoadIconA
GetDlgItem

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
SetViewportExtEx
SetViewportOrgEx
GetDeviceCaps
ScaleViewportExtEx
CreateFontA
GetRgnBox
PtInRegion
DeleteObject
GetPixel
BitBlt
CreateCompatibleDC
CombineRgn
CreateRectRgn
GetObjectA
Escape
TextOutA
RectVisible
PtVisible
GetClipBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetRegionData
ExtCreateRegion
GetStockObject
SetBkColor
SetTextColor
SelectObject
ExtTextOutA
GetTextMetricsA
OffsetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

ole32

CoInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9a0b1fddb2ab10ced978b5fdc9c54eb

Headers

DLL Characteristics

File Characteristics

Imports

rtclientsdk71

dinput8

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 9KB - Virtual size: 23KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 9KB - Virtual size: 23KB

.rsrc
Size: 16KB - Virtual size: 16KB