Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-26_e51742b2a2884c2a696d5ff1c3779e92_icedid.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-26_e51742b2a2884c2a696d5ff1c3779e92_icedid.exe
Resource: win10v2004-20231222-en
General
Target: 2024-01-26_e51742b2a2884c2a696d5ff1c3779e92_icedid
Size: 2.6MB
MD5: e51742b2a2884c2a696d5ff1c3779e92
SHA1: 22ee2c94264f5274b1fddeb66a4b6cf47c253031
SHA256: b7580c7cfda7646448b9ec21dacc7eabb255e5a02d29cff0275a99c61a9fedf5
SHA512: a5dacb72a30f1437947a93efa525df610c572a50fd69920d681b5c9a6163c1418f8123eb339ae64a794180933c3c59f90e20aa9c1cb49b2469aef84c25627b8b
SSDEEP: 24576:1zq9c040Xt+na8JUVy2BnomUOMw4ytPaUPmhNxLdQxy5i7v8jbdqLZ6Fc1E:Rvna8WVzno+tSdNFeI5iL8VqLMFc1E
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
Resource: 2024-01-26_e51742b2a2884c2a696d5ff1c3779e92_icedid
Files
2024-01-26_e51742b2a2884c2a696d5ff1c3779e92_icedid.exe (windows:4, windows, x86, arch:x86)
a5405528eae511404124a43871003c85
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
mixerGetLineControlsA
mixerClose
mixerOpen
mixerGetNumDevs
mixerGetLineInfoA
mixerGetDevCapsA
mixerSetControlDetails
mixerGetControlDetailsA
waveInGetNumDevs
waveInGetDevCapsA
sndPlaySoundA
mciSendCommandA
mmioCreateChunk
mmioWrite
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose
waveInUnprepareHeader
waveInStop
waveInReset
waveInClose
waveInOpen
waveInGetErrorTextA
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutClose
waveOutGetErrorTextA
waveOutOpen
msacm32
acmStreamPrepareHeader
acmStreamClose
acmFormatEnumA
acmMetrics
acmDriverClose
acmDriverEnum
acmStreamOpen
acmStreamConvert
acmDriverDetailsA
acmStreamUnprepareHeader
acmStreamSize
acmDriverOpen
acmDriverAddA
acmGetVersion
imm32
ImmGetCompositionStringA
ImmReleaseContext
ImmGetContext
kernel32
GetDiskFreeSpaceA
TlsAlloc
TlsFree
GetTempFileNameA
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetCurrentThread
SuspendThread
GlobalFlags
GetFileTime
FileTimeToLocalFileTime
GetOEMCP
SizeofResource
FindResourceExA
GetCurrentDirectoryA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
SystemTimeToFileTime
SetFileTime
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
SetStdHandle
GetFileType
GetACP
HeapReAlloc
TerminateProcess
ExitThread
HeapSize
SetUnhandledExceptionFilter
LCMapStringA
FileTimeToSystemTime
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
RaiseException
GetLocalTime
LocalFileTimeToFileTime
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetShortPathNameA
GetThreadLocale
CreateFileA
GetFileSize
ReadFile
WritePrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileIntA
FindFirstFileA
CopyFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA
Sleep
CreateThread
SetEvent
CreateDirectoryA
WaitForSingleObject
lstrlenA
CreateEventA
GetModuleFileNameA
GetTickCount
DeleteFileA
SetFileAttributesA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateMutexA
GetLastError
ReleaseMutex
CloseHandle
GetEnvironmentStrings
UnhandledExceptionFilter
GetVolumeInformationA
GetFullPathNameA
GetProcessHeap
GetProfileStringA
LockFile
SetEndOfFile
UnlockFile
WriteFile
FlushFileBuffers
SetFilePointer
lstrcpynA
GetCurrentProcess
DuplicateHandle
ReleaseSemaphore
lstrcmpA
MulDiv
CreateSemaphoreA
VirtualProtect
FindResourceA
SetLastError
WideCharToMultiByte
lstrcatA
LoadResource
LockResource
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpiA
GlobalSize
GlobalFindAtomA
GlobalDeleteAtom
QueryPerformanceFrequency
GetVersion
lstrlenW
LocalAlloc
QueryPerformanceCounter
SetErrorMode
GetFileInformationByHandle
GlobalHandle
GlobalFree
InterlockedIncrement
FileTimeToDosDateTime
InterlockedDecrement
lstrcpyA
GetCurrentThreadId
ExpandEnvironmentStringsA
GetWindowsDirectoryA
TerminateThread
GetFileAttributesA
LocalFree
MultiByteToWideChar
FormatMessageA
GetSystemDefaultLangID
FindNextFileA
FindClose
GlobalUnlock
GlobalAlloc
GlobalLock
ResumeThread
MoveFileA
SetThreadPriority
FreeEnvironmentStringsA
ResetEvent
FreeEnvironmentStringsW
GetProcessVersion
GetCPInfo
LCMapStringW
user32
SetWindowTextA
MoveWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
MapDialogRect
CharUpperA
wvsprintfA
LoadStringA
DestroyMenu
CharNextA
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
UnpackDDElParam
SetCursorPos
DestroyCursor
ShowOwnedPopups
ValidateRect
TranslateMessage
SetWindowContextHelpId
IsClipboardFormatAvailable
GetSysColorBrush
CopyAcceleratorTableA
InvertRect
GetNextDlgGroupItem
RegisterClipboardFormatA
IsWindowEnabled
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
WinHelpA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetLastActivePopup
GetWindowPlacement
GetDlgCtrlID
DrawEdge
GetDlgItem
CallWindowProcA
CheckMenuItem
MapVirtualKeyA
IsRectEmpty
GetClassInfoA
DrawFrameControl
GetCursor
GetDoubleClickTime
IsChild
IsDlgButtonChecked
CreateDialogIndirectParamA
DrawTextA
TabbedTextOutA
GetMenuState
ModifyMenuA
GetMenuItemID
GetTabbedTextExtentA
GetCapture
GetMessageA
DispatchMessageA
PostQuitMessage
EndDialog
RegisterHotKey
GetActiveWindow
MessageBoxA
UnregisterHotKey
PostThreadMessageA
IsIconic
CloseWindow
GetSystemMenu
EnumWindows
GetClassNameA
DefWindowProcA
FindWindowA
GetDCEx
LockWindowUpdate
GetWindowDC
RedrawWindow
SetMenu
DrawMenuBar
LoadMenuA
GetMenuItemCount
EnableMenuItem
GetForegroundWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
FillRect
GetFocus
FlashWindow
SetActiveWindow
SetFocus
SetWindowLongA
GetWindowLongA
DrawIcon
DrawFocusRect
SetRect
FrameRect
DrawStateA
BringWindowToTop
ShowWindow
SetForegroundWindow
GetMenuStringA
GetMenu
GetSubMenu
AppendMenuA
GetCursorPos
WindowFromPoint
wsprintfA
GetDC
ReleaseDC
GetNextDlgTabItem
GetTopWindow
IntersectRect
GetWindow
LoadBitmapA
GetSysColor
DestroyWindow
CreatePopupMenu
ClientToScreen
SetWindowPos
LoadImageA
SetParent
IsWindowVisible
InvalidateRect
SetCapture
ReleaseCapture
DestroyIcon
GetDesktopWindow
GetParent
PostMessageA
AdjustWindowRectEx
OffsetRect
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
CheckRadioButton
MessageBeep
GrayStringA
DrawAnimatedRects
GetAsyncKeyState
SetTimer
RegisterWindowMessageA
EqualRect
UpdateWindow
GetWindowRect
GetKeyState
CopyRect
SetRectEmpty
SystemParametersInfoA
GetSystemMetrics
InflateRect
IsWindow
EnableWindow
SetCursor
ShowCursor
GetMessagePos
ScreenToClient
GetClientRect
PtInRect
KillTimer
LoadCursorA
LoadIconA
SendMessageA
DeleteMenu
IsDialogMessageA
ExcludeUpdateRgn
SubtractRect
IsWindowUnicode
DefDlgProcA
ShowCaret
UnregisterClassA
UnionRect
IsZoomed
HideCaret
gdi32
FillRgn
GetClipBox
SelectObject
BitBlt
CreateBitmap
ExtTextOutA
FrameRgn
CreateCompatibleDC
DeleteObject
GetObjectA
CreateFontIndirectA
GetStockObject
SetDIBitsToDevice
CreatePalette
PtInRegion
GetTextExtentPointA
Escape
CombineRgn
RectVisible
PtVisible
SetBitmapDimensionEx
GetTextColor
TextOutA
GetTextExtentPoint32A
GetTextMetricsA
PatBlt
CreateFontA
CreateRectRgnIndirect
CreatePen
CreateDIBitmap
Rectangle
CreateSolidBrush
SetBkColor
CreateCompatibleBitmap
DeleteDC
CreatePolygonRgn
IntersectClipRect
LineTo
SetTextAlign
MoveToEx
SetTextCharacterExtra
CreateRectRgn
ExtSelectClipRgn
GetViewportExtEx
SelectClipRgn
GetDeviceCaps
GetWindowExtEx
GetMapMode
CreatePatternBrush
DPtoLP
GetBkColor
SetRectRgn
GetCharWidthA
StretchDIBits
EnumFontFamiliesExA
CopyMetaFileA
LPtoDP
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetWindowOrgEx
SetViewportOrgEx
SetMapMode
OffsetViewportOrgEx
SetROP2
SetStretchBltMode
SelectPalette
RestoreDC
SetBkMode
SaveDC
SetTextColor
ExcludeClipRect
comdlg32
ChooseFontA
GetFileTitleA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegSetValueA
RegQueryValueA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
shell32
DragQueryFileA
DragFinish
Shell_NotifyIconA
ShellExecuteA
SHAppBarMessage
ExtractIconA
comctl32
ImageList_Duplicate
ImageList_Create
ImageList_Destroy
ImageList_LoadImageA
CreatePropertySheetPageA
PropertySheetA
ord17
DestroyPropertySheetPage
ImageList_Draw
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_GetIcon
oledlg
ord8
ole32
OleInitialize
StringFromCLSID
CLSIDFromString
CoCreateGuid
CoInitialize
CoUninitialize
CoLoadLibrary
CoCreateInstance
StgIsStorageFile
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
OleUninitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StgCreateDocfile
CoFreeUnusedLibraries
CoTaskMemAlloc
OleDuplicateData
OleGetClipboard
ReleaseStgMedium
CLSIDFromProgID
CoDisconnectObject
StgOpenStorage
olepro32
ord253
oleaut32
SysAllocString
VariantCopy
VariantChangeType
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
VariantClear
SysAllocStringByteLen
SafeArrayGetDim
SafeArrayCreate
SysAllocStringLen
SysFreeString
SysStringByteLen
SysStringLen
LoadTypeLi
VariantTimeToSystemTime
urlmon
IsValidURL
wsock32
ioctlsocket
gethostname
gethostbyname
ntohl
inet_addr
WSACleanup
closesocket
connect
setsockopt
socket
WSAStartup
recv
htons
WSAAsyncGetHostByName
WSAGetLastError
listen
shutdown
WSASetLastError
getpeername
getsockname
accept
bind
WSAAsyncSelect
inet_ntoa
recvfrom
sendto
htonl
select
send
ntohs
wininet
InternetCloseHandle
InternetSetStatusCallback
InternetOpenA
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetGetLastResponseInfoA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetOpenUrlA
InternetCrackUrlA
InternetSetFilePointer
ipsearcher
_GetAddress
Sections
.text: Size 1.5MB, Virtual size 1.5MB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata: Size 320KB, Virtual size 320KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data: Size 172KB, Virtual size 1.1MB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size 587KB, Virtual size 585KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ