2024-01-25_9d8a20cd879d918ff90000a3136f9478_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-25_9d8a20cd879d918ff90000a3136f9478_icedid
Size

372KB
MD5

9d8a20cd879d918ff90000a3136f9478
SHA1

5654507811170bdc0b7afee4e2d741d1ccb3ae6b
SHA256

78e55f9ce09696fae9847042f1c6f5b3b7f253d23b8aa9dd171818342525d31d
SHA512

ea0676f0c0c2ae050e1f16c39e9fa8e0a518f055a92d80e6d50c8c1eae15d8104b652a945e08f16197805ee39b9717c1fb0c1221401f9d75a6c8b10a309d16a4
SSDEEP

6144:VN0+Uqgw6F/knJooIiCmuoWk5Vu0kIap2DOJB0YYTtAUkcR0dv:VN0+UqjQmQmuoW5Az

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-25_9d8a20cd879d918ff90000a3136f9478_icedid

Files

2024-01-25_9d8a20cd879d918ff90000a3136f9478_icedid
.exe windows:4 windows x86 arch:x86

f93eda83d13bc2b735bf7e6163c03690

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetOptionExA
InternetQueryDataAvailable
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
HttpQueryInfoA
InternetFindNextFileA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestA
FtpFindFirstFileA
InternetConnectA
InternetCloseHandle
FtpCommandA
InternetGetLastResponseInfoA
HttpOpenRequestA

kernel32

GlobalFlags
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
GetCurrentDirectoryA
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetTimeFormatA
GetDateFormatA
RaiseException
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
TerminateProcess
HeapSize
SystemTimeToFileTime
GetFileType
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualProtect
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
LocalFileTimeToFileTime
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetTickCount
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
CreateEventA
SuspendThread
ResumeThread
SetThreadPriority
FindNextFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
MoveFileA
WaitForSingleObject
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
SetLastError
MulDiv
FormatMessageA
LocalFree
FreeResource
GetFileSize
ReadFile
CreateFileA
WriteFile
GetWindowsDirectoryA
WinExec
CloseHandle
LoadLibraryA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetSystemInfo
GetModuleHandleA
GetProcAddress
CreateDirectoryA
GetStringTypeExA
CompareStringW
CompareStringA
GetVersion
WaitForMultipleObjects
lstrcatA
lstrcpyA
GetTempPathA
DeleteFileA
Sleep
GetExitCodeThread
SetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryExA
FreeLibrary
EnterCriticalSection
GetModuleFileNameA
LeaveCriticalSection
IsDBCSLeadByte
InterlockedDecrement
lstrcpynA
InterlockedIncrement
lstrcmpiA
lstrlenA
GetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetStdHandle

user32

LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
GetMenuItemInfoA
ReleaseCapture
SetCapture
ClientToScreen
SetWindowRgn
DrawIcon
FillRect
FindWindowA
ShowOwnedPopups
RegisterClipboardFormatA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
wsprintfA
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
LoadIconA
PeekMessageA
ScrollWindow
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
GetMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
MessageBeep
SetWindowLongA
LoadCursorA
CopyIcon
GetSysColor
IsWindow
GetMessagePos
KillTimer
PostThreadMessageA
DestroyIcon
GetSysColorBrush
WindowFromPoint
SetTimer
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
GetClientRect
InflateRect
PtInRect
SetCursor
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnpackDDElParam
UnhookWindowsHookEx
ReuseDDElParam
GetParent
CharUpperA
PostQuitMessage
DestroyMenu
SetForegroundWindow
GetSystemMetrics
TrackPopupMenu
GetWindowRect
LoadMenuA
GetSubMenu
MessageBoxA
UpdateWindow
PostMessageA
SendMessageA
CharNextA
EnableWindow
MapWindowPoints
ModifyMenuA

gdi32

CreatePatternBrush
CreateSolidBrush
DeleteObject
SetMapMode
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetPixel
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject
SetBkMode
RestoreDC
SaveDC
CreateCompatibleBitmap
ExtTextOutA
BitBlt
CreateCompatibleDC
Ellipse
LPtoDP
CreateEllipticRgn
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

SetFileSecurityA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegCreateKeyA
GetFileSecurityA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegSetValueA

shell32

ExtractIconA
ShellExecuteA
SHGetSpecialFolderPathA
DragFinish
DragQueryFileA
SHGetFileInfoA

comctl32

ord17
ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo

shlwapi

UrlUnescapeA
PathFindExtensionA
PathIsDirectoryA
PathFileExistsA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oledlg

ord8

ole32

CoCreateInstance
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysFreeString

Sections

.text
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f93eda83d13bc2b735bf7e6163c03690

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 260KB - Virtual size: 256KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 260KB - Virtual size: 256KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 32KB - Virtual size: 31KB