Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-26_55181b8daefbf48c25774e5e11c74052_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-26_55181b8daefbf48c25774e5e11c74052_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-01-26_55181b8daefbf48c25774e5e11c74052_icedid
Size: 1.5MB
MD5: 55181b8daefbf48c25774e5e11c74052
SHA1: c6b2d1607646c817c4dd6e40972bbcc51969002b
SHA256: 1369a033613a8fb12b2097f26f96275a20fb55581abe61bbe5250e308c226b71
SHA512: ca39d2d20d82e18a2706239a7e378418acd5f48bbfcaa85b4579b2d2535b7d08217a875be4d214750ed784425351d3e24ed6ede881f979b677ca48cf2e7c2968
SSDEEP: 24576:c/a3g0v/D9x/wLbaglkfHZxkFragewzq:S0v/D9ObaJHZxkFu2
Malware Config
(none extracted)
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-01-26_55181b8daefbf48c25774e5e11c74052_icedid
Note: this is the only static signature that fires and no family configuration was extracted, so the "icedid" in the sample name comes from the submitted filename, not from a detection in this report. A missing Authenticode signature is a weak indicator on its own (plenty of legitimate software ships unsigned); conversely, a signature that is present still has to be validated (chain, revocation, timestamp) before it counts for anything.
Files
2024-01-26_55181b8daefbf48c25774e5e11c74052_icedid.exe
Type: windows:4 windows x86 arch:x86
2dc4ccafb8626f6bd38fe105d9e4938a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations, so the loader cannot move it from its preferred image base; with IMAGE_FILE_32BIT_MACHINE set and IMAGE_FILE_DLL absent this is a 32-bit EXE that must load at that base. The report does not list DllCharacteristics, so ASLR, DEP and SafeSEH opt-ins cannot be judged from this page.
Imports
kernel32
WideCharToMultiByte
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LocalUnlock
LocalLock
GetModuleFileNameA
MoveFileExA
SetEnvironmentVariableA
GetSystemDirectoryA
FormatMessageA
GlobalFree
SetLastError
InterlockedDecrement
lstrcmpW
lstrcatA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetFileSize
SetFilePointer
GlobalAlloc
MulDiv
GetModuleHandleA
GetSystemInfo
ReadFile
CreateFileA
WriteFile
RemoveDirectoryA
GetTickCount
GlobalLock
GlobalUnlock
CreateEventA
LocalAlloc
LocalFree
WaitForSingleObject
SetEvent
FreeResource
GetCPInfo
GetLocalTime
GetExitCodeThread
TerminateThread
GetDriveTypeA
GetDiskFreeSpaceExA
FreeLibrary
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
RaiseException
MultiByteToWideChar
WritePrivateProfileStringA
CreateMutexA
GetLastError
ReleaseMutex
CreateDirectoryA
SetFileAttributesA
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
FreeEnvironmentStringsW
GlobalGetAtomNameA
GetCurrentThreadId
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
SetThreadPriority
FindClose
FindNextFileA
FindFirstFileA
FlushFileBuffers
LoadLibraryA
DeleteCriticalSection
Sleep
GetProcAddress
GetCurrentDirectoryA
SetCurrentDirectoryA
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
Beep
GetPrivateProfileIntA
CloseHandle
GetPrivateProfileStringA
DeleteFileA
CopyFileA
WinExec
InterlockedExchange
FindResourceA
LoadResource
LockResource
GetEnvironmentStrings
FreeEnvironmentStringsA
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LockFile
UnlockFile
LCMapStringA
GetTimeZoneInformation
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
QueryPerformanceCounter
SetStdHandle
HeapSize
HeapReAlloc
GetCommandLineA
GetStartupInfoA
VirtualQuery
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
TerminateProcess
GetFileType
CreateThread
ExitThread
RtlUnwind
ExitProcess
SetErrorMode
GetFileTime
GetFileAttributesA
GetOEMCP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
user32
GetKeyState
OffsetRect
GetSysColor
SetRect
CopyRect
LoadBitmapA
FillRect
DrawEdge
CreateMenu
CreatePopupMenu
AppendMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
ModifyMenuA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyIcon
DrawIconEx
GetSysColorBrush
GetMenuItemInfoA
DrawFocusRect
InvalidateRect
GetParent
PostMessageA
PtInRect
CallWindowProcA
GetWindowLongA
SystemParametersInfoA
GetCapture
IntersectRect
UpdateWindow
GetDlgCtrlID
SetFocus
GetFocus
GetMessageA
InflateRect
SetParent
LockWindowUpdate
GetDCEx
EnableMenuItem
ClientToScreen
ScreenToClient
SetCapture
LoadCursorA
LoadIconA
SendMessageA
GetCursorPos
SetCursor
ReleaseCapture
EnableWindow
RedrawWindow
FindWindowA
DrawIcon
GetWindowRect
SetTimer
KillTimer
wsprintfA
wvsprintfA
MessageBoxA
DispatchMessageA
TranslateMessage
PeekMessageA
GetClientRect
ReleaseDC
CheckMenuItem
UnregisterClassA
CharUpperA
GetDC
GetSystemMetrics
SetWindowRgn
SetWindowLongA
SetPropA
IsIconic
SetForegroundWindow
SetWindowPos
GetAsyncKeyState
RegisterWindowMessageA
GetClassInfoA
DefWindowProcA
GetMenuStringA
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
UnhookWindowsHookEx
GetWindow
GetWindowPlacement
RegisterClassA
DeferWindowPos
EqualRect
AdjustWindowRectEx
GetMenu
IsWindowVisible
GetScrollPos
TrackPopupMenu
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
IsChild
SendDlgItemMessageA
RemovePropA
GetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
WinHelpA
GetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowDC
BeginPaint
EndPaint
PostQuitMessage
ValidateRect
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
WindowFromPoint
DestroyMenu
SetRectEmpty
CharNextA
IsRectEmpty
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
LoadImageA
gdi32
GetPixel
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
EndPage
GetBkColor
CreateBitmap
CreateDIBSection
DeleteDC
GetTextExtentPoint32W
Escape
ExtTextOutA
RectVisible
PtVisible
PatBlt
Rectangle
Ellipse
GetBkMode
GetDeviceCaps
CreateFontIndirectA
SetBkColor
CreateSolidBrush
BitBlt
SetPixel
GetObjectA
SetStretchBltMode
StretchDIBits
SelectObject
LineTo
CreatePen
MoveToEx
DeleteObject
CreateFontA
SetBkMode
SetTextAlign
GetTextExtentPoint32A
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetTextColor
TextOutA
StartPage
StartDocA
ResetDCA
Polygon
GetStockObject
CreateRoundRectRgn
EndDoc
GetMapMode
GetClipBox
CreateRectRgnIndirect
SaveDC
RestoreDC
SetMapMode
GetRgnBox
GetTextColor
GetCharWidthA
CombineRgn
SetRectRgn
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateRectRgn
SelectClipRgn
IntersectClipRect
ExcludeClipRect
comdlg32
PrintDlgA
GetFileTitleA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
shell32
Shell_NotifyIconA
SHBrowseForFolderA
SHGetPathFromIDListA
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
oleaut32
OleCreateFontIndirect
VariantClear
SysAllocStringLen
SysFreeString
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
SystemTimeToVariantTime
SysAllocString
SafeArrayDestroy
VariantCopy
odbc32
ord31
ord13
ord4
ord11
ord9
ord24
ord75
ord41
ord26
msimg32
TransparentBlt
comctl32
ImageList_GetIconSize
ImageList_Draw
ImageList_GetIcon
ImageList_AddMasked
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ord17
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
oledlg
ord8
ws2_32
listen
setsockopt
__WSAFDIsSet
WSACleanup
inet_ntoa
gethostbyname
WSAStartup
gethostname
inet_addr
recv
send
recvfrom
sendto
connect
bind
htons
select
socket
accept
closesocket
ntohs
shutdown
wininet
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
winmm
timeGetTime
waveOutGetNumDevs
timeKillEvent
waveOutClose
waveOutReset
waveOutUnprepareHeader
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutOpen
timeSetEvent
timeBeginPeriod
gdiplus
GdipGetDC
GdipGetImageGraphicsContext
GdipCloneImage
GdiplusStartup
GdipFree
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipReleaseDC
dsound
ord1
ddraw
DirectDrawEnumerateExA
DirectDrawCreate
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
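The import table above, with its mix of named imports, ordinal-only imports (the `ord31`, `ord8`, `ord1` entries under odbc32, oledlg and dsound) and a non-.dll library (winspool.drv), is exactly the input to an import hash (imphash), the fingerprint used to cluster PE builds that share a linker-produced import order. As an added example (my code, not Triage's or pefile's), the following computes a pefile-compatible imphash from such a list. The ordinal tables are a subset of pefile's (wsock32's table is left out), `SAMPLE_IMPORTS` is constructed rather than read from the sample, and because the report does not label any of its hashes as an imphash, nothing here claims to reproduce a value from the page.

```python
"""pefile-compatible import hash (imphash) over a PE import list.

Added example for this report, not Triage's or pefile's code. Rules, as
pefile implements them: one token "<lib>.<func>" per imported symbol in
import-table order; library name lowercased with a .dll/.ocx/.sys suffix
removed (winspool.drv keeps its suffix); function name lowercased; imports
by ordinal resolved through a name table only for ws2_32 and oleaut32
(pefile also has wsock32, omitted here) and otherwise rendered "ordN";
tokens comma-joined, then MD5. Ordinal tables are subsets of pefile's and
SAMPLE_IMPORTS is constructed, not read from the reported sample.
"""
import hashlib

WS2_32_ORDINALS = {
    1: "accept", 2: "bind", 3: "closesocket", 4: "connect", 9: "htons",
    11: "inet_addr", 12: "inet_ntoa", 13: "listen", 15: "ntohs", 16: "recv",
    17: "recvfrom", 18: "select", 19: "send", 20: "sendto", 21: "setsockopt",
    22: "shutdown", 23: "socket", 52: "gethostbyname", 57: "gethostname",
    115: "WSAStartup", 116: "WSACleanup",
}
OLEAUT32_ORDINALS = {
    2: "SysAllocString", 4: "SysAllocStringLen", 6: "SysFreeString",
    7: "SysStringLen", 8: "VariantInit", 9: "VariantClear", 10: "VariantCopy",
    12: "VariantChangeType", 16: "SafeArrayDestroy",
}
ORDINAL_TABLES = {"ws2_32": WS2_32_ORDINALS, "oleaut32": OLEAUT32_ORDINALS}
STRIP_EXTS = ("dll", "ocx", "sys")


def normalize_lib(libname):
    """Lowercase; drop .dll/.ocx/.sys only, so 'winspool.drv' stays whole."""
    lib = libname.lower()
    base, dot, ext = lib.rpartition(".")
    return base if dot and ext in STRIP_EXTS else lib


def import_token(libname, symbol):
    """symbol is either an import name (str) or an ordinal (int)."""
    lib = normalize_lib(libname)
    if isinstance(symbol, int):
        # Known-DLL ordinals become names; anything else is "ordN", which is
        # how the report shows the odbc32/oledlg/dsound entries.
        name = ORDINAL_TABLES.get(lib, {}).get(symbol) or "ord%d" % symbol
    else:
        name = symbol
    return "%s.%s" % (lib, name.lower())


def imphash_string(imports):
    """The exact comma-joined string that gets hashed; handy when diffing two builds."""
    return ",".join(import_token(lib, sym) for lib, sym in imports)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


# Constructed import list covering the shapes seen in the report's table:
# named imports, ordinals into a DLL with a known table (ws2_32), ordinals
# with no table (odbc32, oledlg) and a library whose suffix is kept (winspool.drv).
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", "WideCharToMultiByte"), ("KERNEL32.dll", "WinExec"),
    ("WS2_32.dll", 23), ("WS2_32.dll", 4),
    ("odbc32.dll", 31), ("oledlg.dll", 8),
    ("winspool.drv", "OpenPrinterA"),
]

if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Two properties matter when using this for clustering: the hash is order-sensitive, so two builds with the same imports in a different order hash differently, and an ordinal that has no table entry hashes as `ordN`, so the odbc32, oledlg, comctl32 and dsound entries above contribute their ordinal number rather than a name. For a real file, `pefile.PE(path).get_imphash()` is the reference implementation to compare against.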
Sections
.text   Size: 608KB - Virtual size: 606KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 124KB - Virtual size: 121KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 16KB - Virtual size: 570KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 812KB - Virtual size: 808KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Note: .data has a raw size of 16KB but a virtual size of 570KB, so roughly 554KB of that section is zero-filled by the loader at run time (uninitialized globals, or a buffer reserved for data written later); which of the two it is needs a look at what references that range. No section is both writable and executable. The four raw sizes sum to about 1560KB, consistent with the 1.5MB file size and leaving little room for a large overlay. .rsrc alone is 812KB, more than half the file, which is worth a look given the resource-handling imports listed above (FindResourceA, LoadResource, LockResource, SizeofResource, EnumResourceLanguagesA).
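The three static facts the report derives from the headers, the "Unsigned PE" signature (an empty security data directory), the File Characteristics flags, and the section table with raw versus virtual sizes, all come from a few hundred bytes at the start of the file. The following is an added example (my code, not Triage's) that reads them with the standard library only and flags the same things a first-pass static look would: no Authenticode directory, stripped relocations, writable-and-executable sections, and a section whose virtual size far exceeds its raw size. `build_sample_pe()` constructs a header-only PE32 that mirrors the report's .text and .data sizes for the demo; it is not the reported sample's bytes, and the size-ratio threshold in `triage()` is an assumed heuristic.

```python
"""Static PE header triage with the standard library only.

Added example for this report (not Triage's code). Reproduces three checks
the report shows: the "Unsigned PE" signature (empty security data
directory, index 4), the COFF File Characteristics flags, and per-section
raw vs. virtual size with section flags. build_sample_pe() constructs a
header-only PE32 for the demo; it is not the bytes of the reported sample.
"""
import struct

CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode WIN_CERTIFICATE table


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return machine, characteristics, signature presence and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+: +108 / +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_ptr = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a file offset, not an RVA.
        sec_ptr, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": flag_names(chars, SECTION_FLAGS)})
    return {"machine": machine, "characteristics": flag_names(characteristics, CHARACTERISTICS),
            "signed": sec_ptr != 0 and sec_size != 0, "sections": sections}


def triage(data):
    """parse_pe() plus the findings a first-pass static look would flag."""
    pe = parse_pe(data)
    findings = []
    if not pe["signed"]:
        findings.append("Unsigned PE: no Authenticode security directory")
    if "IMAGE_FILE_RELOCS_STRIPPED" in pe["characteristics"]:
        findings.append("Relocations stripped: image cannot be rebased")
    for s in pe["sections"]:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= set(s["flags"]):
            findings.append("%s: writable and executable" % s["name"])
        # Assumed heuristic: virtual size more than 4x raw size and above 64KB.
        if s["virtual_size"] > 4 * max(s["raw_size"], 1) and s["virtual_size"] > 64 * 1024:
            findings.append("%s: virtual size %d far exceeds raw size %d (zero-filled at load)"
                            % (s["name"], s["virtual_size"], s["raw_size"]))
    return pe, findings


def build_sample_pe(signed=False):
    """Constructed header-only PE32 mirroring the report's .text/.data sizes (not loadable)."""
    sections = [(b".text", 606 * 1024, 608 * 1024, 0x60000020),   # CODE|EXECUTE|READ
                (b".data", 570 * 1024, 16 * 1024, 0xC0000040)]    # INIT_DATA|READ|WRITE
    characteristics = 0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100
    opt_size = 96 + 16 * 8
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)             # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, characteristics)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x180000, 0x2000)   # offset/size of a cert blob
    opt = (struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)
           + b"".join(struct.pack("<II", off, size) for off, size in dirs))
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0x1000, rs, 0x400, 0, 0, 0, 0, fl)
                    for n, vs, rs, fl in sections)
    return dos + b"PE\0\0" + coff + opt + hdrs


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    pe, findings = triage(blob)
    print("characteristics:", ", ".join(pe["characteristics"]))
    for s in pe["sections"]:
        print("%-8s raw=%-7d virt=%-7d %s" % (s["name"], s["raw_size"], s["virtual_size"], "|".join(s["flags"])))
    print("\n".join(findings) or "no findings")
```

Run it with a path argument to triage a real file, or with none to see the constructed sample. The `signed` result only says a WIN_CERTIFICATE table is present; whether the certificate chains to a trusted root, is revoked, or covers the file's current hash is a separate check (WinVerifyTrust, or `signtool verify /pa`), and an attacker can append a junk blob to make the directory non-empty, so "signed" here is the mirror image of the report's "Unsigned PE" check and nothing more.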