2024-01-23_f9cd238c87f5a1b5f064adb80604702c_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-23_f9cd238c87f5a1b5f064adb80604702c_icedid
Size

24.1MB
MD5

f9cd238c87f5a1b5f064adb80604702c
SHA1

6bbec81e2b57b2e348ed1d9aad0508aef0959294
SHA256

3a8e5834d48b220581500254111dd72c4400719eef9c553a37c2bfdf078d8469
SHA512

209a94ecad306f8d63d9d88915ba0bc3de6403dbc815b3a44871172b3d357a96231875d86801532912a26251783cb838e0b0ac4827e9649d185bb94909b56346
SSDEEP

393216:LUb8lCOkxYXu8QLt2ewZ5goS+u8iEA64EI9aXuSceyiBI4UJWn4qduMg3x9IsUeC:QcCdqQLrwUo1H294wdAIjQdo3gsVBA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-23_f9cd238c87f5a1b5f064adb80604702c_icedid

Files

2024-01-23_f9cd238c87f5a1b5f064adb80604702c_icedid
.exe windows:4 windows x86 arch:x86

c217514b25158a6eaf105e1d5b7830a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Get_DevNode_Status

setupapi

SetupDiGetClassDevsA
SetupDiGetDeviceInstallParamsA
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Request_Device_EjectA

kernel32

LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
RaiseException
GetStartupInfoA
GetVersionExA
ExitProcess
HeapFree
ExitThread
CreateThread
HeapAlloc
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsFree
GlobalHandle
TlsAlloc
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
MulDiv
SetLastError
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
GlobalFree
WideCharToMultiByte
GetProfileStringA
ReleaseSemaphore
GetLastError
CreateSemaphoreA
MultiByteToWideChar
GetCommandLineA
Sleep
SetThreadExecutionState
EnterCriticalSection
GetModuleFileNameA
GetModuleHandleA
GetTickCount
SizeofResource
LockResource
LoadResource
FindResourceA
GetTempPathA
WritePrivateProfileStringA
DeleteFileA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
ResetEvent
SetEvent
GetCurrentProcess
GetProcAddress
lstrlenA
LocalAlloc
LocalFree
GetTempFileNameA
GetCurrentThreadId
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetCommState
SetCommState
CancelIo
WriteFile
ReadFile
GetCommProperties
SetCommMask
CreateFileA
PurgeComm
WaitCommEvent
WaitForMultipleObjects
ClearCommError
GetFileSize
lstrcpyA
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
TlsSetValue
GlobalAlloc
GlobalLock
ResumeThread
SetThreadPriority
SuspendThread
CreateEventA
InterlockedIncrement
InterlockedDecrement
GlobalReAlloc

user32

PostThreadMessageA
PtInRect
GetClassNameA
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
RegisterClipboardFormatA
GetTopWindow
CopyAcceleratorTableA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
CreateWindowExA
GetClassLongA
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
InflateRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetWindowRect
MapDialogRect
SetWindowPos
SetWindowContextHelpId
LoadStringA
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
InvalidateRect
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DestroyMenu
MessageBeep
GetNextDlgGroupItem
SetRect
DefDlgProcA
IsWindowUnicode
GetMessageA
TranslateMessage
IsChild
CharNextA
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
RemovePropA
KillTimer
SetTimer
MessageBoxA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetPropA
SendMessageA
LoadIconA
GetDesktopWindow
GetDlgCtrlID
GetSysColorBrush
GetWindow
IsWindow
GetPropA
ShowWindow
SetForegroundWindow
GetLastActivePopup
LoadCursorA

gdi32

GetTextExtentPointA
CreateCompatibleDC
BitBlt
GetMapMode
LPtoDP
DPtoLP
GetBkColor
GetTextColor
PatBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateFontA
CreateDIBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA

shell32

CommandLineToArgvW

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType

rpcrt4

UuidFromStringA

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23.8MB - Virtual size: 23.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c217514b25158a6eaf105e1d5b7830a3

Headers

File Characteristics

Imports

cfgmgr32

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

rpcrt4

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 32KB - Virtual size: 49KB

.rsrc Size: 23.8MB - Virtual size: 23.8MB

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 32KB - Virtual size: 49KB

.rsrc
Size: 23.8MB - Virtual size: 23.8MB