2024-01-26_4414fef7f1a373541c57809a9a6801b8_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-26_4414fef7f1a373541c57809a9a6801b8_icedid
Size

160KB
MD5

4414fef7f1a373541c57809a9a6801b8
SHA1

a2205e045f7163e15d10ed02609a37d7d3ee8d1d
SHA256

42f9e8c4578f438f65e3dac3328d378dc586635418e41e3dc5b2a0852c04c976
SHA512

813f3c01ed48c2836d1460e85da2e62777037c2ec83dad2667c86f4e1724c8075fc412e6045c337fcf05b21db04b177240346236220c86baf9db3f88c813ad09
SSDEEP

3072:Et4PvV0yAf6aOgyx3YoJJnEnlbDoRRdlu4B2DvwD:QO0N4B3TJJ65Dofm4YD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-26_4414fef7f1a373541c57809a9a6801b8_icedid

Files

2024-01-26_4414fef7f1a373541c57809a9a6801b8_icedid
.exe windows:4 windows x86 arch:x86

5f732007fa03eb5dd6581e1db923099f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Get_Device_IDA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA
SetupCopyOEMInfA

newdev

UpdateDriverForPlugAndPlayDevicesA

kernel32

RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
DeleteFileA
SetFileAttributesA
FormatMessageA
GetLastError
OutputDebugStringA
GetWindowsDirectoryA
MultiByteToWideChar
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
LoadLibraryA
SetErrorMode
GetOEMCP
GetCPInfo
GetFullPathNameA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedIncrement
GetCurrentDirectoryA
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
InterlockedDecrement
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
CloseHandle
GlobalAddAtomA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetLastError
GlobalFree
GlobalUnlock
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
lstrcpyA
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
GetStringTypeA

user32

GetSysColorBrush
wsprintfA
LoadCursorA
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
SetWindowTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
MessageBoxA
SendMessageA
IsIconic
GetClientRect
LoadIconA
EnableWindow
UnhookWindowsHookEx
DestroyWindow
GetDlgItem
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
DestroyMenu
GetSystemMetrics
PostMessageA
PostQuitMessage
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnregisterClassA
SetCursor
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
DeleteObject
GetStockObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f732007fa03eb5dd6581e1db923099f

Headers

File Characteristics

Imports

cfgmgr32

setupapi

newdev

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 24KB - Virtual size: 22KB