2024-01-26_7772e6af3705cdfbf4b8a20c374a9797_icedid

General

Target

2024-01-26_7772e6af3705cdfbf4b8a20c374a9797_icedid
Size

3.9MB
MD5

7772e6af3705cdfbf4b8a20c374a9797
SHA1

013f49d7b54b8eafcc04993d492636f8bc7150ed
SHA256

dbd32cbd28ebdc1a01b20178a290abdbe2bf9a61ecb4af9641567dcd2db8fca9
SHA512

fe5df3f2c97852bdc48af46ec1bdcfdbc552a58dda83ae23a9e8d5c29d0da6f9d14458d3367c8eca671dd3addf9570d16fb68f172d1857932643e4c09eccf862
SSDEEP

49152:LzmLfUAEp6lsNBk9/fw2BwfmM0fNhKPgssSt2givxDDzx:LzpCsNi9XwgwfoFhv7StmDDF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-26_7772e6af3705cdfbf4b8a20c374a9797_icedid

Files

2024-01-26_7772e6af3705cdfbf4b8a20c374a9797_icedid
.exe windows:4 windows x86 arch:x86

978a83e4e4fc81bd6ec2e78d6b0dafbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoInitialize

user32

ShowWindow
PeekMessageW
SetWindowTextW
MessageBoxW
CreateDialogParamW
LoadIconW
SendMessageW
GetMessageW
EnableWindow
GetDlgItem
IsDialogMessageW
TranslateMessage
DispatchMessageW
SetDlgItemTextW
DestroyWindow

advapi32

RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW

shell32

SHGetFolderPathW

msvcrt

wcslen
wcscpy
wcsncpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memset
wcscat

kernel32

SetFileAttributesW
DeleteFileW
MoveFileExW
GetFileAttributesW
GetModuleHandleW
GetProcAddress
RemoveDirectoryW
GetModuleFileNameW
GetTempPathW
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
CreateDirectoryW
LocalFree
FormatMessageW
GetModuleHandleA
GetStartupInfoA
GetCommandLineW
GetLastError
CopyFileW
CloseHandle
CreateProcessW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

978a83e4e4fc81bd6ec2e78d6b0dafbd

Headers

DLL Characteristics

File Characteristics

Imports

ole32

user32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB