2024-01-23_9754b6434fa63c9cd42a98bba7dace2d_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-23_9754b6434fa63c9cd42a98bba7dace2d_icedid
Size

4.0MB
MD5

9754b6434fa63c9cd42a98bba7dace2d
SHA1

927aa377c7d03a4796009b63e6ddaf715c83d569
SHA256

45c9df09170b7bfe8f8664f30edbba8c3e97eac8ca381695752e20e1fc640977
SHA512

650bcd9412c5a9cfc645831ddb1732e116991fe004fc918424a8c4ac7deb94bd12d02d23c412fb664a7de71881bcbe930d6ccd55bf418e2a313ce7dc66485871
SSDEEP

12288:PTvIhMhjJzA8t8jRtMIgXIoj2n7+z3i2tce9PvVgcz:PTvIha1c8t3IBn7+22p9HCcz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-23_9754b6434fa63c9cd42a98bba7dace2d_icedid

Files

2024-01-23_9754b6434fa63c9cd42a98bba7dace2d_icedid
.exe windows:4 windows x86 arch:x86

fa6d780e3bfa4320d27c825f5cf71b14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
TerminateProcess
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetOEMCP
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
CreateFileA
SetEnvironmentVariableA
HeapAlloc
GetCPInfo
HeapFree
ExitProcess
CreateDirectoryA
SizeofResource
RtlUnwind
GetStartupInfoW
SetErrorMode
GetFileTime
GetFileAttributesW
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
GetTickCount
GlobalFlags
RaiseException
FileTimeToLocalFileTime
FileTimeToSystemTime
WaitForSingleObject
CloseHandle
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetCurrentThread
GetModuleFileNameW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryW
lstrcpyW
FormatMessageW
LocalFree
GlobalAlloc
InterlockedIncrement
InterlockedDecrement
lstrcpynW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatW
lstrcmpW
GetModuleHandleW
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CompareStringW
CompareStringA
lstrlenA
lstrcmpiW
lstrlenW
GetVersion
GetLastError
GetVersionExA
GetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
FindResourceW
LoadResource
LockResource

user32

PostThreadMessageW
RegisterClipboardFormatW
GetSysColorBrush
wsprintfW
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
MessageBeep
PostQuitMessage
CharNextW
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
IsWindowVisible
UpdateWindow
GetMenu
CopyRect
PtInRect
OffsetRect
SendMessageW
GetWindowRect
GetWindowDC
SetCapture
ReleaseDC
GetCapture
GetCursorPos
ReleaseCapture
EnableWindow
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
GetScrollInfo
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
EndDialog
CharUpperW
DrawIconEx
GetFocus
GetSubMenu
DestroyMenu
GetAsyncKeyState
GetKeyState
MessageBoxW
SetWindowPos
GetWindowLongW
LoadBitmapW
DrawIcon
PostMessageW
IsIconic
GetClientRect
ScreenToClient
InvalidateRect
LoadIconW
GetSystemMetrics
GetMessagePos
GetDC
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
GetParent
LoadCursorW
SetCursor
GetSysColor
DrawEdge
SetWindowRgn
WindowFromPoint
ClientToScreen
GetNextDlgGroupItem
DrawFocusRect
GetNextDlgTabItem
GetActiveWindow

gdi32

GetMapMode
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
CreateRectRgnIndirect
CreatePen
GetDeviceCaps
CreateFontW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
GetClipBox
SetMapMode
SetROP2
SetBkMode
RestoreDC
SaveDC
CreateDIBitmap
GetTextColor
GetBkColor
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
SelectClipRgn
CreateRectRgn
CombineRgn
DeleteDC
GetPixel
StretchBlt
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetObjectW
ExtSelectClipRgn

msimg32

GradientFill
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW

comctl32

ImageList_Destroy
ord17
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Create
_TrackMouseEvent

shlwapi

PathFindExtensionW
PathAppendA
PathAddBackslashA
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFindFileNameA
PathFileExistsA
PathRemoveFileSpecA

oledlg

OleUIBusyW

ole32

CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
CLSIDFromString

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
SafeArrayDestroy
SysAllocString
SysStringLen
OleCreateFontIndirect
VariantCopy

wininet

InternetCrackUrlW
InternetCanonicalizeUrlW

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa6d780e3bfa4320d27c825f5cf71b14

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 396KB - Virtual size: 393KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 16KB - Virtual size: 33KB

.rsrc Size: 3.5MB - Virtual size: 3.5MB

.text
Size: 396KB - Virtual size: 393KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 16KB - Virtual size: 33KB

.rsrc
Size: 3.5MB - Virtual size: 3.5MB