2024-01-23_52f4fb7b51810a5343ad570dd30eb46f_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-23_52f4fb7b51810a5343ad570dd30eb46f_icedid
Size

208KB
MD5

52f4fb7b51810a5343ad570dd30eb46f
SHA1

d13f13ebd52d7e083f7f2429145a18ee7649edcd
SHA256

79d29557268aa377ac03e6061f186600d3df0be1da5472686bf140b6a5bdd72c
SHA512

751edbdcfe0c9d3daf01cd212ad20feaa8114eb8bda004c2705f502d009046389ac2b1b28f598731792a669f996b7e6a652b708247fb2dd6535b5e89bc85068f
SSDEEP

3072:tLiZutXaxOR5PN+5yeuX4oi8puqw0VbvRSolzl4Vzx:tG5OR5l6MLuqwapRlyVz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-23_52f4fb7b51810a5343ad570dd30eb46f_icedid

Files

2024-01-23_52f4fb7b51810a5343ad570dd30eb46f_icedid
.exe windows:4 windows x86 arch:x86

fef5eb4a81a70450f4ee945b1848a481

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetConnectionA

advapi32

CopySid
GetLengthSid
IsValidSid
OpenProcessToken
OpenThreadToken
DuplicateToken
CheckTokenMembership
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA

kernel32

TlsSetValue
LocalReAlloc
TlsFree
GetModuleHandleA
lstrcatA
GetFileAttributesA
GetFileTime
GlobalFlags
GetCurrentThreadId
lstrcmpW
FreeLibrary
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
HeapAlloc
HeapFree
VirtualProtect
TlsAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetLogicalDrives
HeapReAlloc
GetStartupInfoA
GetCommandLineA
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
GetProcAddress
GetModuleFileNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpA
ReleaseSemaphore
CreateSemaphoreA
lstrcpyA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
SetLastError
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetCurrentThread
GetCurrentProcess
CloseHandle
CreateProcessA
ResumeThread
WaitForSingleObject
TerminateProcess
FindResourceA
InterlockedExchange
LoadResource
LockResource
SizeofResource
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc

user32

RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
SetWindowLongA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
LoadBitmapA
GetDlgCtrlID
PtInRect
GetFocus
SetWindowTextA
GetClassNameA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
CharUpperA
UnregisterClassA
RegisterWindowMessageA
WinHelpA
GetCapture
PostQuitMessage
DestroyMenu
GetSubMenu
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowRect
GetMenuCheckMarkDimensions
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetWindow
GetClassInfoA

gdi32

SetTextColor
SetMapMode
GetClipBox
DeleteObject
SetBkColor
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
ScaleViewportExtEx
RestoreDC
SaveDC
PtVisible
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comctl32

ord17

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA

oleaut32

VariantChangeType
VariantClear
VariantInit

userenv

UnloadUserProfile

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fef5eb4a81a70450f4ee945b1848a481

Headers

File Characteristics

Imports

mpr

advapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

comctl32

shlwapi

oleaut32

userenv

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 52KB - Virtual size: 48KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 52KB - Virtual size: 48KB