2024-01-25_4d1593b19057e687920f1980ebb5eb67_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-25_4d1593b19057e687920f1980ebb5eb67_icedid
Size

392KB
MD5

4d1593b19057e687920f1980ebb5eb67
SHA1

12d4925e569315da7188d929314b3652ae4cf7d6
SHA256

fe0a0ad4b43447f9b80332e418dd41d0c0a763232a0820cf0b5edcbae390640a
SHA512

8d6d3e236ffcfea1cb6f74ac173bd81321a260ef7b08d08bbbd2180710b83ce22c80bc30681f33981671df3d3a6c4e2a406d4180ca3d5003e89af72abe8a4a21
SSDEEP

6144:avMI57djWP4P5vXeVTvRu/MaeQOxLyZWeBx3PG6NGR+ztBeSHdoISZ3:avMIFdjQ4SvRzDwVBx3PG6K+zLpoISd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-25_4d1593b19057e687920f1980ebb5eb67_icedid

Files

2024-01-25_4d1593b19057e687920f1980ebb5eb67_icedid
.exe windows:5 windows x86 arch:x86

71088c549261ad92148eb5336a7a47aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalAlloc
LoadLibraryExA
EnumResourceLanguagesA
ConvertDefaultLocale
GetModuleFileNameW
MulDiv
InitializeCriticalSectionAndSpinCount
FormatMessageA
GlobalFlags
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
LocalReAlloc
GetThreadLocale
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetFullPathNameA
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
InterlockedExchange
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
VirtualFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
HeapAlloc
GetModuleHandleA
ExitProcess
HeapSize
GetCurrentThread
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
GetStartupInfoA
GetCommandLineA
CreateThread
GetLastError
GetCurrentThreadId
ExitThread
RaiseException
RtlUnwind
DeviceIoControl
Sleep
ResumeThread
MultiByteToWideChar
SetLastError
ReleaseMutex
VirtualProtect
GetSystemInfo
VirtualQuery
CreateMutexA
WaitForSingleObject
SetFileAttributesA
DeleteFileA
MoveFileExA
WritePrivateProfileStringA
RemoveDirectoryA
lstrcmpA
FlushFileBuffers
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileTime
CloseHandle
FindFirstFileA
FindClose
CreateDirectoryA
GetDriveTypeA
GetVolumeInformationA
GetDiskFreeSpaceExA
LocalAlloc
LocalFree
QueryPerformanceFrequency
QueryPerformanceCounter
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
SetCurrentDirectoryA
WinExec
GetCurrentDirectoryA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrlenA
GetWindowsDirectoryA
GetSystemDirectoryA
GetVersionExA
lstrcpyA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

user32

PostThreadMessageA
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
CharUpperA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
RegisterClipboardFormatA
UnregisterClassA
MessageBeep
LoadBitmapA
GetNextDlgGroupItem
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetWindowLongA
GetDC
ReleaseDC
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
GetWindowTextA
GetDlgItem
InvalidateRgn
CheckRadioButton
EnableWindow
MessageBoxA
PostMessageA
SendMessageA
SetTimer
GetClassNameA

gdi32

DeleteDC
GetStockObject
GetDeviceCaps
ExtSelectClipRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
CreateRectRgnIndirect
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PtVisible

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oledlg

ord8

ole32

OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
OleIsCurrentClipboard
OleFlushClipboard
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71088c549261ad92148eb5336a7a47aa

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 249KB - Virtual size: 249KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 12KB - Virtual size: 30KB

.rsrc Size: 66KB - Virtual size: 66KB

.text
Size: 249KB - Virtual size: 249KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 12KB - Virtual size: 30KB

.rsrc
Size: 66KB - Virtual size: 66KB