2024-01-28_9e5f734b876db105843fc1b7d4d68e0d_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-28_9e5f734b876db105843fc1b7d4d68e0d_icedid
Size

456KB
MD5

9e5f734b876db105843fc1b7d4d68e0d
SHA1

b6eb24c9a9553db556082a353c6f1ba89902397b
SHA256

03938c652d37fbc021a59e062260db4ce871c0d09999693639562ca637db8928
SHA512

e893159d0d5b15c4bfc4abe5fc3c00393f3c344d7ba51b0056ac8124f5a6beec29793f89781ad6041731cba71aef10e2ba2811cb2934c34ae431183a1ad3ba83
SSDEEP

12288:Re/D3m8QSU6TQn2EKKPEOyStADgIbceLr9XXBW2O/LRigkU:kD9XngLRi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-28_9e5f734b876db105843fc1b7d4d68e0d_icedid

Files

2024-01-28_9e5f734b876db105843fc1b7d4d68e0d_icedid
.exe windows:4 windows x86 arch:x86

15ec288121f9f135c08b7bd2cf0b8245

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
gethostbyname
inet_addr

iphlpapi

GetAdaptersInfo

kernel32

GetCurrentProcess
GetCPInfo
GetOEMCP
SetErrorMode
HeapFree
HeapAlloc
RtlUnwind
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
RaiseException
HeapSize
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
GetACP
Sleep
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
DeleteFileA
MoveFileA
FindResourceExA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentProcessId
GlobalAddAtomA
VirtualProtect
SetLastError
GlobalFree
GlobalUnlock
MulDiv
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
lstrlenA
CompareStringA
GetVersion
GetLastError
MultiByteToWideChar
InterlockedExchange
GetFileAttributesA
CopyFileA
ReadFile
GetTickCount
IsDBCSLeadByteEx
EnumSystemCodePagesA
IsValidCodePage
LoadLibraryExA
GetProcAddress
FreeLibrary
GetModuleFileNameA
CreateFileA
WriteFile
CloseHandle
CreateProcessA
WaitForSingleObject
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
FormatMessageA
LocalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
UnhandledExceptionFilter

user32

LoadCursorA
GetSysColorBrush
UnregisterClassA
DestroyMenu
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetClassLongA
GetClassNameA
GetWindowTextLengthA
GetWindowTextA
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SystemParametersInfoA
GetWindowPlacement
GetWindow
UnhookWindowsHookEx
WindowFromPoint
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetPropA
GetCapture
GetActiveWindow
SetActiveWindow
MapDialogRect
SetWindowPos
ShowWindow
GetPropA
RemovePropA
GetAsyncKeyState
SetFocus
GetWindowLongA
GetParent
GetDlgItem
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterClassA
PostMessageA
ReleaseDC
GetDC
WaitForInputIdle
GetForegroundWindow
LoadBitmapA
LoadImageA
MessageBeep
SetForegroundWindow
GetSystemMetrics
LoadIconA
EnableWindow
GetFocus
InvalidateRect
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
MessageBoxA
ScreenToClient

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
TextOutA
EnumFontFamiliesExA
DeleteObject
RectVisible
PtVisible
CreateBitmap
GetDeviceCaps
GetTextExtentPoint32A
GetTextMetricsA
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetObjectA
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantInit
VariantClear
VariantChangeType

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15ec288121f9f135c08b7bd2cf0b8245

Headers

File Characteristics

Imports

ws2_32

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 268KB - Virtual size: 267KB

.rdata Size: 84KB - Virtual size: 81KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 80KB - Virtual size: 78KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 84KB - Virtual size: 81KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 80KB - Virtual size: 78KB