2024-01-25_4a0de5ad1e099eb2a85db8e58d6d0742_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-25_4a0de5ad1e099eb2a85db8e58d6d0742_icedid
Size

528KB
MD5

4a0de5ad1e099eb2a85db8e58d6d0742
SHA1

5d8df11e036908464538588c1a71b1c9046dbfbb
SHA256

0aff224708c2bf0eacca3bcac3a70b2eb3029bac86c1d81a7549ab9c0e281ae9
SHA512

ff0be240ec2fc7d3bac78b6e23e1f618106616f52fc4ba40db56250b3b1ad84f919748e0c320c99afe34b602ab934e380ec60e5c27eb0fcb28e093ab1cb9d3b0
SSDEEP

12288:wKOXK5fPQiX08+qg70Z2EcwSzdVwYO+8PO9sa+9UWQxv4UP6JKjpC/0qz3MgIROn:w85fPQiX08+qg70Z2EcwSzdVwYO+8POI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-25_4a0de5ad1e099eb2a85db8e58d6d0742_icedid

Files

2024-01-25_4a0de5ad1e099eb2a85db8e58d6d0742_icedid
.exe windows:4 windows x86 arch:x86

b362207c4687769f900e3df3c4faec8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
GlobalUnlock
GlobalLock
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpW
FindFirstFileA
CloseHandle
CreateFileA
GetFileAttributesA
GetFileSize
GetFileTime
DeleteFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
lstrcpyA
GetVolumeInformationA
GetFullPathNameA
LocalFree
FormatMessageA
InterlockedDecrement
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
RaiseException
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapFree
HeapAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
GetTimeZoneInformation
HeapDestroy
HeapCreate
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
lstrcpynA
GetModuleHandleA
GetProcAddress
lstrlenA
lstrcmpiA
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
MulDiv
FindFirstChangeNotificationA
WaitForSingleObject
FindCloseChangeNotification
CopyFileA
GetTickCount
Sleep
GlobalAlloc
GlobalFree
SetLastError
GetLastError
VirtualAlloc
VirtualFree
GetProfileStringA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetTempPathA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
FindClose
GetModuleFileNameA

user32

GetMenuState
ModifyMenuA
SetMenuItemBitmaps
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
PostQuitMessage
SetCursor
ValidateRect
TranslateMessage
GetMessageA
DestroyMenu
GetSysColorBrush
LoadCursorA
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
EnableMenuItem
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
GetClassInfoA
RegisterClassA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
LoadBitmapA
IsZoomed
GetWindowRect
GetClientRect
EnableWindow
SendMessageA
wsprintfA
UpdateWindow
GetDesktopWindow
CopyRect
InflateRect
GetWindowPlacement
GetSystemMetrics
PtInRect
GetWindow
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
SetPropA
MoveWindow
FillRect
GetDC
ReleaseDC
GetCursorPos
IsDialogMessageA
ScreenToClient
LoadIconA
CharUpperA
SetFocus
PostMessageA

gdi32

GetClipBox
SetTextColor
SetBkColor
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
LineTo
MoveToEx
CreateFontA
GetObjectA
CreateCompatibleDC
BitBlt
CreatePen
Rectangle
GetTextExtentPoint32A
GetTextMetricsA
GetDeviceCaps
GetStockObject
RemoveFontResourceA
CreateFontIndirectA
SelectObject
GetCurrentPositionEx
Arc
Ellipse
RoundRect
PolyBezier
BeginPath
EndPath
FillPath
StrokePath
DeleteObject
PtVisible
RectVisible
SetViewportOrgEx
DeleteDC
TextOutA
ExtTextOutA
Escape
AddFontResourceA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
CreateSolidBrush
OffsetViewportOrgEx

winspool.drv

DocumentPropertiesA
EnumPrintersA
EndPagePrinter
AbortPrinter
WritePrinter
EnumJobsA
EnumMonitorsA
GetPrinterA
OpenPrinterA
StartDocPrinterA
ClosePrinter
StartPagePrinter
EndDocPrinter

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
StartServiceA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
ControlService
CloseServiceHandle
RegOpenKeyExA
RegCloseKey

shell32

FindExecutableA
ShellExecuteA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_LoadImageA
ImageList_Destroy
ord17

shlwapi

PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b362207c4687769f900e3df3c4faec8a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

version

comctl32

shlwapi

comdlg32

oleaut32

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 256KB - Virtual size: 253KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 256KB - Virtual size: 253KB