2024-01-25_1ff4f8b075516422952c65fad1d52b6b_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-25_1ff4f8b075516422952c65fad1d52b6b_icedid
Size

236KB
MD5

1ff4f8b075516422952c65fad1d52b6b
SHA1

fde1a0787a77437a55484ebeaaef8031132db1da
SHA256

408a61dab6c9d945598ae23de803c5ae11c12afac52e407bca04ffb45ca88419
SHA512

81a01e45e236d77f09a64b0f7e2bf457903200cc478d217f76a3cead943ce6b0334bd672e88dd9f54692c8216fe9fb94c07f3450b9c83315c4beb7b9995a0d74
SSDEEP

3072:X09x6AwWR59CVvDBQLIc4fBnGwcI1CYj92vuu9IMPAg0FuSMkukklirSJS30:X0O259CdCb4fBnGwc5YEIMPAOZkfz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-25_1ff4f8b075516422952c65fad1d52b6b_icedid

Files

2024-01-25_1ff4f8b075516422952c65fad1d52b6b_icedid
.exe windows:4 windows x86 arch:x86

3a918afc52007b0e9f33563258da789b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
ExitProcess
TerminateProcess
ExitThread
CreateThread
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapFree
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
HeapAlloc
GetFileTime
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
FileTimeToSystemTime
WritePrivateProfileStringA
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GlobalFindAtomA
lstrcatA
lstrcmpW
InterlockedDecrement
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
SetThreadPriority
GetCurrentThread
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
GlobalGetAtomNameA
GlobalAddAtomA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
WriteFile
ReadFile
CloseHandle
CreateFileA
DeviceIoControl
GetCommandLineA
GetTickCount
Sleep
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetModuleFileNameA
GetLongPathNameA
lstrcpynA
CompareStringW
CompareStringA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
FreeLibrary
LoadLibraryA
ResumeThread
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeEnvironmentStringsW
InterlockedExchange

user32

MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
AdjustWindowRectEx
DeferWindowPos
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
GetWindowPlacement
GetWindowRect
PtInRect
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
FillRect
UnhookWindowsHookEx
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetCursorPos
ValidateRect
ShowOwnedPopups
PostQuitMessage
GetMenuState
RegisterWindowMessageA
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
CharUpperA
SystemParametersInfoA
DeleteMenu
AppendMenuA
CheckMenuItem
GetMenuItemCount
GetMenuStringA
GetSubMenu
SendMessageA
GetMenu
GetClientRect
SetFocus
GetFocus
EqualRect
SetWindowLongA
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
IsWindowVisible
IsIconic
InsertMenuItemA
GetMenuItemID
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
SetMenu
ShowWindow
GetWindow
TabbedTextOutA
GetSysColorBrush
UpdateWindow
InvalidateRect
SetTimer
KillTimer
EnableWindow
LoadCursorA
LoadIconA
wsprintfA
PostMessageA
FindWindowA
GetSystemMetrics
MessageBoxA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
TranslateAcceleratorA
GetDesktopWindow
GetActiveWindow

gdi32

CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
CreateSolidBrush
MoveToEx
LineTo
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
DeleteObject
GetTextMetricsA
BitBlt
PatBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCloseKey
RegQueryValueA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a918afc52007b0e9f33563258da789b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

version

oleaut32

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 12KB - Virtual size: 9KB