2024-01-28_2ae83b69ec7c7eb8f041adc0034aa717_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-28_2ae83b69ec7c7eb8f041adc0034aa717_icedid
Size

1.3MB
MD5

2ae83b69ec7c7eb8f041adc0034aa717
SHA1

981d7b85e8acae91f25feff225aa5620b603d5d0
SHA256

782dc9dfa9ee2d91434aa488620dda6c24df64543eb322f5a0be3150d677c930
SHA512

a8447514de54bb509df45660245a85892161ee90abb6447f67f048ea9653749d7a2738c08a04eb90cdfab2694d4aa31844cd08f1f7f3c7376b585cc2953085f3
SSDEEP

12288:x+25f0QSRMv5DPsb4kCu0vCVC76K8t3ra+ujKv45d25kJ7YwboMn10XREIDPTBBD:l0HMxDEbiu0Ara+uOvEuXREIDTiXL/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-28_2ae83b69ec7c7eb8f041adc0034aa717_icedid

Files

2024-01-28_2ae83b69ec7c7eb8f041adc0034aa717_icedid
.exe windows:4 windows x86 arch:x86

68ab7e90d6fbaefb49ab34f61c8d4a58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHRegEnumUSKeyW
SHRegOpenUSKeyW
SHRegCloseUSKey
SHGetValueW

kernel32

LocalReAlloc
DeleteCriticalSection
TlsFree
RaiseException
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
GetFileTime
GetStartupInfoW
RtlUnwind
ExitThread
CreateThread
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
TerminateProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
TlsSetValue
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
QueryPerformanceCounter
GetCurrentProcessId
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
FileTimeToLocalFileTime
GetCurrentThread
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
GlobalFree
MulDiv
lstrcpyW
FormatMessageW
lstrcpynW
LocalFree
lstrlenW
InterlockedDecrement
FindFirstFileW
FindNextFileW
FindClose
GetFileSize
FileTimeToSystemTime
SetFileTime
DosDateTimeToFileTime
SystemTimeToFileTime
WideCharToMultiByte
ReadFile
DuplicateHandle
GetFileType
SetFilePointer
GetComputerNameW
CreateFileW
WriteFile
GetUserDefaultLangID
GetCommandLineW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
MultiByteToWideChar
FreeLibrary
LoadLibraryW
GetProcAddress
ResetEvent
SetEvent
GetTickCount
CreateEventW
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
ResumeThread
GetCurrentProcess
GetEnvironmentStringsW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateProcessW
FreeEnvironmentStringsW
WaitForSingleObject
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
SetLastError
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
UnhandledExceptionFilter

user32

PostThreadMessageW
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
ReleaseCapture
SetCapture
DestroyMenu
LoadCursorW
GetSysColorBrush
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
wsprintfW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageW
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
SetLayeredWindowAttributes
GetSystemMetrics
LoadIconW
RedrawWindow
GetClientRect
GetWindowRect
IsIconic
DrawIcon
LoadImageW
SendMessageW
EnableWindow
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC
GetWindowTextW

gdi32

GetMapMode
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetBkColor
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetStockObject
ExtSelectClipRgn
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
ScaleWindowExtEx
BitBlt
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteDC

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
GetUserNameW
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueW

shell32

CommandLineToArgvW

comctl32

ord17

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoRegisterMessageFilter
OleInitialize
OleFlushClipboard

oleaut32

VarUdateFromDate
SysFreeString
SysStringLen
OleCreateFontIndirect
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantCopy

gdiplus

GdiplusShutdown
GdipCreateFromHDC
GdipDrawImageRectI
GdipDeleteGraphics
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipLoadImageFromStreamICM
GdiplusStartup

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68ab7e90d6fbaefb49ab34f61c8d4a58

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 216KB - Virtual size: 214KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 216KB - Virtual size: 214KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB