2024-01-25_3f35fd54a390e4458365a5a4af68ba42_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-25_3f35fd54a390e4458365a5a4af68ba42_icedid
Size

747KB
MD5

3f35fd54a390e4458365a5a4af68ba42
SHA1

fe90ec577d732652163c43df6991c926fc1d8eee
SHA256

d1c1d013a0b9c48656973c9a576ba3092f696c6ea6d2a6be76776977d18d6b00
SHA512

83f939a18b38e0d52ffc339d6006ba105ad3b3c1c9c15db308de21060c5cbd0e7a9fc4f0c871283ae9b4532d01c1febb3250fa776e4ce259384d2db6f11602f2
SSDEEP

12288:l0kvrTv+tIxBq1ZARqluBJ6Tu7LkrRH48QH:l0kv1BfEYGTuEtH4R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-25_3f35fd54a390e4458365a5a4af68ba42_icedid

Files

2024-01-25_3f35fd54a390e4458365a5a4af68ba42_icedid
.exe windows:5 windows x86 arch:x86

f6d185f0378edc341e670c190418705b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA

kernel32

SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
SizeofResource
TerminateProcess
HeapSize
ExitProcess
Sleep
HeapReAlloc
VirtualAlloc
GetStartupInfoA
GetCommandLineA
RaiseException
RtlUnwind
lstrcatA
WinExec
GetWindowsDirectoryA
LoadLibraryExA
GetExitCodeThread
TerminateThread
LocalLock
LocalUnlock
ExpandEnvironmentStringsA
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
LocalFree
FormatMessageA
GetModuleFileNameA
lstrlenA
SetLastError
SetErrorMode
CreateFileA
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpiA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetModuleHandleW
GlobalFlags
GetModuleFileNameW
GetTickCount
SetEvent
WaitForSingleObject
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetCurrentProcessId
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GlobalAlloc
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
HeapFree
GetModuleHandleA
GetProcAddress
LocalAlloc
lstrcpyA
GetLastError
LoadLibraryA
FreeLibrary
HeapAlloc
GetProcessHeap
GetVersionExA
GetCurrentProcess
SetStdHandle
CloseHandle

user32

ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
GetCursorPos
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetMenu
SetScrollPos
GetScrollPos
FillRect
IsWindowVisible
UpdateWindow
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
EnableWindow
TabbedTextOutA
GetDC
SendMessageA
TranslateMessage
GetMessageA
SetCursor
RegisterClipboardFormatA
CopyRect
ReleaseDC
GetWindowThreadProcessId
PostQuitMessage
GetTopWindow
ValidateRect
GetKeyState
DrawIcon
IsIconic
EndDeferWindowPos
GetClientRect
LoadIconA
GetSystemMetrics
wsprintfA
MessageBoxA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
MonitorFromPoint
GetMonitorInfoA
CreateIconIndirect
GetIconInfo
DestroyCursor
CopyIcon
ChildWindowFromPoint
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
SetCapture
LoadCursorA
GetSysColorBrush
WindowFromPoint
KillTimer
SetTimer
SetRect
ReleaseCapture
InvalidateRect
SetRectEmpty
UnregisterClassA
PostThreadMessageA
DestroyIcon
DestroyMenu
InflateRect
SetForegroundWindow
PtInRect
GetCaretPos
MapDialogRect
WindowFromDC
GetWindowRgn
IsMenu
SetWindowRgn
LoadImageA
SetClassLongA
FrameRect
GetActiveWindow
GetDesktopWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetWindow
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
IsRectEmpty

gdi32

GetObjectA
CreateBitmap
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetMapMode
ExcludeClipRect
LineTo
MoveToEx
SetTextJustification
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetBkColor
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
GetClipBox
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
CreatePen
CreateSolidBrush
GetTextExtentPoint32A
GetTextMetricsA
SetRectRgn
CombineRgn
DPtoLP
CreateCompatibleBitmap
SelectObject
SetTextColor
SetPixelV
Rectangle
OffsetRgn
CreateDIBSection
FrameRgn
FillRgn
CreatePolygonRgn
CreateRoundRectRgn
StretchBlt
GetDeviceCaps
ScaleWindowExtEx
PatBlt
CreateFontIndirectA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

shell32

ShellExecuteA

comctl32

ImageList_GetImageCount
ord17
ImageList_GetIcon

shlwapi

PathFindFileNameA
PathFindExtensionA

oledlg

ord8

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CLSIDFromString
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CoInitializeEx

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString

gdiplus

GdiplusStartup
GdipCreateFromHDC
GdipDeleteGraphics
GdipCloneImage
GdipDrawImageRectI
GdipCreateBitmapFromFileICM
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneBrush
GdipFillRectangleI
GdipSetSmoothingMode
GdipCreateLineBrushFromRectWithAngleI
GdipCreateSolidFill
GdipDeleteBrush
GdipAlloc
GdipFree

uxtheme

OpenThemeData
DrawThemeBackground
GetCurrentThemeName

Sections

.text
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6d185f0378edc341e670c190418705b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

winspool.drv

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

uxtheme

Sections

.text Size: 366KB - Virtual size: 366KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 13KB - Virtual size: 31KB

.rsrc Size: 280KB - Virtual size: 280KB

.text
Size: 366KB - Virtual size: 366KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 13KB - Virtual size: 31KB

.rsrc
Size: 280KB - Virtual size: 280KB