2024-01-24_916a64e83fb17a24fa9aa3e5cb1f48db_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-24_916a64e83fb17a24fa9aa3e5cb1f48db_icedid
Size

4.7MB
MD5

916a64e83fb17a24fa9aa3e5cb1f48db
SHA1

123c3a8d278172d5bc78010641dd460c00edb0e9
SHA256

3cf1928763adeb84d139711a79ba5f66b8b4dc01c1375bfa5de16a0b0efc0b6f
SHA512

f14bb70ec8d9f68c1ee4d5ce87416809d20e3c0bc9e75433b57160151870ec96e8c6a599ed18efd283ebd4743056ca4833a4669b8b9b817fb73af4e6e2994eb6
SSDEEP

98304:m4P14tevDvcduiXzWpTfwc3uEy30m0VdDwKU:mTtevDvFfwc3uEyUdW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-24_916a64e83fb17a24fa9aa3e5cb1f48db_icedid

Files

2024-01-24_916a64e83fb17a24fa9aa3e5cb1f48db_icedid
.exe windows:5 windows x86 arch:x86

d29f558c355a953f84bfb7668c2fe4a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetDefaultIMEWnd

kernel32

GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetCurrentDirectoryA
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
LoadLibraryW
GetProcAddress
FreeLibrary
SetLastError
GetLastError
GetModuleHandleW
SizeofResource
LockResource
LoadResource
FindResourceW
FileTimeToSystemTime
GetLocalTime
GetFileAttributesExW
FileTimeToLocalFileTime
DeleteFileW
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
DeviceIoControl
MultiByteToWideChar
GetLogicalDrives
GetVolumeInformationW
Sleep
CreateDirectoryW
CopyFileW
CreateMutexW
CloseHandle
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GetVersionExW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
lstrlenW
GetModuleHandleA
MulDiv
GlobalUnlock
GlobalLock
GetModuleFileNameW
GetCurrentProcessId
LocalFree
FormatMessageW
GlobalAlloc
GlobalFree
WideCharToMultiByte
InterlockedDecrement
WaitForSingleObject
SetEvent
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
WritePrivateProfileStringW
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
InterlockedIncrement
lstrlenA
GetCurrentDirectoryW
MoveFileW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
GetFullPathNameW
CreateFileW
SetErrorMode
GetFileAttributesW
SetHandleCount
GetStartupInfoW
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
SetEnvironmentVariableW
SetCurrentDirectoryW
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW

user32

RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
GetScrollRange
SetScrollPos
UpdateWindow
PostMessageW
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GrayStringW
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
EnableWindow
SendMessageW
LoadImageW
GetClientRect
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetClassInfoW
GetScrollInfo
IsWindow
keybd_event
SetForegroundWindow
DeleteMenu
IsDialogMessageW
SetWindowTextW
InsertMenuW
GetMenuState
ShowWindow
IsWindowEnabled
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
TabbedTextOutW
DrawTextW
GetScrollPos
DrawTextExW
GetWindowRect
GetParent
SystemParametersInfoW
GetSysColorBrush
InvalidateRect
OffsetRect
GetSystemMetrics
GetFocus
IsWindowVisible
SetCapture
ReleaseCapture
InflateRect
PtInRect
FillRect
GetDC
ReleaseDC
GetCursorPos
SetTimer
KillTimer
BeginPaint
EndPaint
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetDesktopWindow
LoadCursorW
SetCursor
UnregisterClassW
PostQuitMessage
DestroyMenu
GetGUIThreadInfo
GetForegroundWindow
ValidateRect
GetMessageW
TranslateMessage
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetSubMenu
GetClassNameW
CopyRect
ClientToScreen
ScreenToClient
LoadMenuW
LoadStringW
MessageBoxW
LoadBitmapW

gdi32

DeleteDC
BitBlt
CreateDIBSection
GetDIBits
CreateCompatibleDC
DeleteObject
GetDeviceCaps
CreateSolidBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32W
CreateCompatibleBitmap
GetStockObject
CreateFontW
GetObjectW
SelectObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW

shell32

ShellExecuteW
SHGetFileInfoW
SHGetSpecialFolderPathW
Shell_NotifyIconW

comctl32

InitCommonControlsEx

shlwapi

PathIsDirectoryW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathAddBackslashW

ole32

CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance

oleaut32

VariantClear
VariantChangeType
VariantInit

gdiplus

GdiplusShutdown

btchiddev

_XHidDev_UnloadDriver@0
_UCD_SendData@8
_XHidDev_LoadDriver@4

winmm

timeGetTime

ws2_32

ntohl
htons

Sections

.text
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d29f558c355a953f84bfb7668c2fe4a1

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

btchiddev

winmm

ws2_32

Sections

.text Size: 375KB - Virtual size: 374KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 22KB - Virtual size: 40KB

.rsrc Size: 4.2MB - Virtual size: 4.2MB

.text
Size: 375KB - Virtual size: 374KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 22KB - Virtual size: 40KB

.rsrc
Size: 4.2MB - Virtual size: 4.2MB