Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-29_62b677b5a4b1fea642dab5107c6794e1_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-29_62b677b5a4b1fea642dab5107c6794e1_icedid.exe
  Resource: win10v2004-20231215-en
General
- Target: 2024-01-29_62b677b5a4b1fea642dab5107c6794e1_icedid
- Size: 400KB
- MD5: 62b677b5a4b1fea642dab5107c6794e1
- SHA1: 830f2aa0e5d3bad379df07b93badf04bd1798a35
- SHA256: cbdb10e3b7b64bf51730a8ec709781c68d927141ada0fa116b0dd92ce4dd93ae
- SHA512: 528c9dce352704a018bc3835b75bf75b5ee91fa39c9a0120f47401680be29f09ed12c376fe5fb51cac0972f6359fbf16d544d903af171d417cebfa0726e5ab79
- SSDEEP: 6144:CPu975C9Cn4ANK1HuBInsYo2cjcbUsOv5si2JNE:d919qQInsYoXjcJOv5si2s
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2024-01-29_62b677b5a4b1fea642dab5107c6794e1_icedid
Files
- 2024-01-29_62b677b5a4b1fea642dab5107c6794e1_icedid.exe windows:4 windows x86 arch:x86
  c5241e9759f4ccbf60e3e82a5d5fe789
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
skypemate
ord6
ord5
kernel32
FindClose
FindFirstFileW
GetVolumeInformationW
CreateFileW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
HeapReAlloc
RtlUnwind
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
DuplicateHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
Sleep
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GetThreadLocale
lstrlenA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
WideCharToMultiByte
GetModuleHandleA
FormatMessageW
LocalFree
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
GlobalFree
FreeResource
GetVersion
lstrcpyW
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
UnmapViewOfFile
CloseHandle
lstrcmpiW
CreateFileMappingW
MapViewOfFile
GetVersionExW
GetSystemDefaultLangID
GetPrivateProfileIntW
GetProcAddress
WritePrivateProfileStringW
FreeLibrary
CreateDirectoryW
GetCommandLineW
CreateMutexW
LoadLibraryW
VirtualQuery
ReleaseMutex
GetLocalTime
InterlockedCompareExchange
IsProcessorFeaturePresent
GetCurrentProcessId
OutputDebugStringW
SetLastError
RaiseException
InterlockedDecrement
InterlockedIncrement
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
GetLastError
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
QueryPerformanceFrequency
QueryPerformanceCounter
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetFullPathNameW
CopyFileW
GetModuleFileNameW
GetPrivateProfileStringW
GetFileType
user32
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
GetNextDlgGroupItem
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharUpperW
UnregisterClassW
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
GetMessageW
TranslateMessage
ValidateRect
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsDialogMessageW
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
IsWindowVisible
GetMenuItemID
MessageBoxW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
CopyRect
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
TrackPopupMenuEx
LoadMenuW
SetMenuItemBitmaps
PostQuitMessage
GetCursorPos
SetCursor
GetCapture
KillTimer
SetTimer
UpdateWindow
SetWindowRgn
GetSystemMenu
AppendMenuW
PtInRect
ShowWindow
SetForegroundWindow
SetWindowsHookExW
CallNextHookEx
GetMenuItemCount
GetMenuItemInfoW
CreateAcceleratorTableW
CreateWindowExW
IsWindow
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
DestroyWindow
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
InvalidateRgn
InvalidateRect
ScreenToClient
ClientToScreen
SetWindowPos
MoveWindow
CharNextW
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
GetWindowTextLengthW
GetWindowTextW
DefWindowProcW
UnhookWindowsHookEx
SetWindowLongW
FindWindowW
ReleaseDC
GetWindowDC
LoadBitmapW
GetSysColor
LoadImageW
GetDC
GetClientRect
GetWindowRect
SetWindowTextW
RedrawWindow
IsMenu
SetMenuItemInfoW
GetSubMenu
GetWindowLongW
GetMenu
LoadIconW
EnableWindow
SendMessageW
PostMessageW
GetDlgCtrlID
UnregisterClassA
gdi32
ScaleWindowExtEx
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetWindowExtEx
ScaleViewportExtEx
CreatePen
ExtSelectClipRgn
GetObjectW
SelectObject
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
CreateCompatibleDC
PtVisible
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateRoundRectRgn
CreateRectRgnIndirect
GetStockObject
CreateSolidBrush
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
DeleteObject
DeleteDC
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegQueryInfoKeyW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
GetUserNameW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
shell32
Shell_NotifyIconW
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathIsRelativeW
oledlg
OleUIBusyW
ole32
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
SysFreeString
SysAllocStringLen
SysAllocString
SysStringByteLen
VariantInit
VariantClear
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringLen
VariantCopy
Sections
.text Size: 276KB - Virtual size: 274KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ