Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-29_ee16520eefdde17a2586d010fbe71359_icedid.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-01-29_ee16520eefdde17a2586d010fbe71359_icedid.exe
Resource: win10v2004-20231215-en
General
- Target: 2024-01-29_ee16520eefdde17a2586d010fbe71359_icedid
- Size: 1.7MB
- MD5: ee16520eefdde17a2586d010fbe71359
- SHA1: 98fa585b4dca6e75cc560e0359f0c71c76b6dcbe
- SHA256: c86ac4ef885381524a83f79f8b6a5a2475f0ccf96db0722801c5efcb4a14a726
- SHA512: 7b8b9a7ee6726082b7deea3307099c61d89b3059726dc3d80071840d638b442359ba2ff0fbc53b3c278141b0f37feb548ccbfe6be0504656066cbed932b9fb51
- SSDEEP: 24576:uZaiV4XVz1Xq0fA62yT2iOL53DG2wJOJqDPd0ZpioCoIKxTY5TI+:uZRV4X9A6v2idDPdO4oCHcTY5Tp
Malware Config
Signatures
- Unsigned PE (1 IoCs): checks for missing Authenticode signature.
  resource: 2024-01-29_ee16520eefdde17a2586d010fbe71359_icedid
Files
- 2024-01-29_ee16520eefdde17a2586d010fbe71359_icedid.exe (windows:5, windows, x86, arch:x86), imphash 0cbd0852b745af90d5910888a14a0e0d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
UuidCreate
UuidToStringA
RpcStringFreeA
kernel32
FindResourceExA
GetCurrentDirectoryA
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapAlloc
HeapFree
RemoveDirectoryA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
SetEnvironmentVariableA
SetCurrentDirectoryA
ExitProcess
GetConsoleCP
GetConsoleMode
VirtualAlloc
GetSystemInfo
VirtualQuery
GetLogicalDrives
WriteConsoleW
GetFileType
GetStdHandle
GetCommandLineA
GetStartupInfoA
SetStdHandle
HeapSize
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
SetHandleCount
VirtualFree
HeapCreate
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CompareStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
SetErrorMode
CopyFileA
GetLastError
CreateProcessA
LocalFree
FormatMessageA
LoadLibraryA
GetModuleHandleA
GetProcAddress
SetLastError
FreeLibrary
CloseHandle
GlobalUnlock
ReadFile
GlobalLock
GlobalAlloc
GetFileSize
CreateFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
WinExec
GetTempPathA
GetTempFileNameA
MulDiv
GetProfileIntA
Sleep
GlobalFree
GetPrivateProfileIntA
GetVolumeInformationA
lstrlenA
MultiByteToWideChar
GetModuleFileNameA
SetThreadLocale
SetFilePointer
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
GetDriveTypeA
GetDiskFreeSpaceA
SetVolumeLabelA
FatalAppExitA
SetEndOfFile
WriteFile
FlushFileBuffers
LockFile
UnlockFile
GetVersionExA
lstrcmpW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
lstrlenW
GlobalSize
GetCurrentProcessId
GlobalReAlloc
lstrcmpA
lstrcpyW
lstrcpyA
GetSystemDirectoryW
LoadLibraryW
GetModuleHandleW
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
GlobalFlags
FindNextFileA
GetTickCount
GetModuleFileNameW
InterlockedDecrement
SetFileTime
GetFileTime
GetFullPathNameA
GetThreadLocale
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualProtect
WaitForSingleObject
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
GetShortPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
lstrcmpiA
GetStringTypeExA
DeleteFileA
MoveFileA
SystemTimeToFileTime
FileTimeToSystemTime
user32
PostQuitMessage
WaitMessage
WindowFromPoint
SetParent
GetSystemMenu
DeleteMenu
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
MapDialogRect
GetAsyncKeyState
GetMessageA
TranslateMessage
ValidateRect
CharUpperA
GetCursorPos
SetWindowRgn
DrawIcon
IsRectEmpty
DrawFocusRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DestroyMenu
GetDesktopWindow
GetWindowThreadProcessId
GetMenuStringA
InsertMenuA
IsWindowEnabled
ShowWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
ShowOwnedPopups
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
RemovePropA
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetMenuItemID
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
PtInRect
GetDlgCtrlID
DefWindowProcA
GetMenu
GetWindowLongA
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
SetRect
DestroyCursor
GetSysColorBrush
UnregisterClassA
GetDCEx
LockWindowUpdate
PostThreadMessageA
GetTabbedTextExtentA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PeekMessageA
MessageBoxA
RedrawWindow
SetCursorPos
GetKeyState
ClientToScreen
LoadMenuA
RegisterClipboardFormatA
OemToCharA
GetActiveWindow
RemoveMenu
GetSubMenu
SetWindowLongA
CallWindowProcA
SetCursor
LoadCursorA
IsWindow
GetFocus
SetRectEmpty
EmptyClipboard
SetClipboardData
CloseClipboard
wsprintfA
OpenClipboard
IsZoomed
IsWindowVisible
UpdateWindow
InvalidateRect
SetFocus
ReleaseCapture
SetCapture
SetActiveWindow
GetDC
ReleaseDC
PostMessageA
KillTimer
SetTimer
GetParent
GetClientRect
CharToOemA
OemToCharBuffA
CharToOemBuffA
MessageBeep
SetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
DestroyIcon
GetSysColor
GetSystemMetrics
GetMenuItemInfoA
CopyAcceleratorTableA
SystemParametersInfoA
GetMenuItemCount
AppendMenuA
CreateMenu
DrawEdge
LoadBitmapA
OffsetRect
InflateRect
CopyRect
DrawStateA
GetWindowTextA
SetWindowTextA
GetWindowRect
SendMessageA
EnableWindow
GetPropA
gdi32
CreateFontA
GetClipBox
SetTextColor
SetBkColor
CopyMetaFileA
CreateDCA
ExtTextOutA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
DeleteDC
CreatePatternBrush
CreateRectRgnIndirect
GetCharWidthA
StretchDIBits
CreateEllipticRgn
DPtoLP
LPtoDP
SetRectRgn
CombineRgn
SelectObject
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
GetBkColor
EnumFontFamiliesExA
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
CreateSolidBrush
Rectangle
MoveToEx
LineTo
TextOutA
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
CreateBitmap
DeleteObject
CreatePen
GetDeviceCaps
CreateFontIndirectA
Ellipse
PatBlt
BitBlt
GetCurrentPositionEx
GetObjectA
CreateCompatibleDC
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
GetPrinterA
DocumentPropertiesA
GetJobA
ClosePrinter
advapi32
RegEnumKeyA
RegOpenKeyA
GetFileSecurityA
SetFileSecurityA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueA
shell32
DragAcceptFiles
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
ShellExecuteA
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathRemoveFileSpecW
PathFindFileNameA
odbc32
ord17
ord41
ord10
ord2
ord1
ord40
ord4
ord72
ord16
ord3
ord54
ord5
ord51
ord50
ord45
ord44
ord68
ord59
ord13
ord18
ord46
ord12
ord19
ord11
ord49
ord48
ord8
ord20
ord14
ord9
ord15
oledlg
ord8
ole32
OleIsCurrentClipboard
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
CoInitializeEx
CoCreateInstance
OleFlushClipboard
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
OleDuplicateData
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoUninitialize
oleaut32
SysAllocStringLen
VariantInit
VariantChangeType
VarDateFromStr
VarBstrFromDate
SysFreeString
OleLoadPicture
VarUdateFromDate
SystemTimeToVariantTime
VariantClear
VariantTimeToSystemTime
wininet
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable
InternetSetCookieA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenUrlA
Exports
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 253KB - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ