Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-29_d8717065908a46e08697f40310d75236_icedid.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-29_d8717065908a46e08697f40310d75236_icedid.exe
Resource: win10v2004-20231215-en
General
Target: 2024-01-29_d8717065908a46e08697f40310d75236_icedid
Size: 380KB
MD5: d8717065908a46e08697f40310d75236
SHA1: d885be7a9a4a2695184a3ef6cbb0ef2809ffdb37
SHA256: 6bd6932fc3f38b434f1ebc6b010ac9eb3895350ea98ba09a09ec3c261b7825cc
SHA512: 86aaad9f66360e2c7b8a42d950d6b83893a982dcf3f98ee4fc0c7361e6cc97d2430dabe05593cd726288d30764b659e5085926030e4d56d0ccb8d17edc7cf7e6
SSDEEP: 6144:rcmHBsjgCSjfkcU4P8DppLqYG00/nlrA98StWwS4g2Xo1:rvHBigCSjMcUK8lpLqYG00/nlr3sgK
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2024-01-29_d8717065908a46e08697f40310d75236_icedid
Files
2024-01-29_d8717065908a46e08697f40310d75236_icedid.exe windows:4 windows x86 arch:x86
49a3004194535f7ebea2b75a5436ac0d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
fsync
ord3
kernel32
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
SetErrorMode
GetStartupInfoW
ExitProcess
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
GetOEMCP
GetCPInfo
TerminateProcess
HeapAlloc
HeapReAlloc
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
TlsGetValue
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalHandle
GlobalReAlloc
GlobalFlags
WritePrivateProfileStringW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetUserDefaultLCID
GlobalFindAtomW
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
FreeResource
lstrcmpiW
lstrlenA
SuspendThread
SetThreadPriority
GlobalAddAtomW
SetLastError
GlobalFree
MulDiv
GlobalUnlock
lstrcpynW
GetCurrentThread
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcpyW
GetLocaleInfoW
GetVersion
GetCurrentProcess
GetComputerNameW
CreateDirectoryW
WideCharToMultiByte
GetTimeZoneInformation
GetModuleHandleW
LocalFree
GetTickCount
SetEvent
CreateEventW
CreateFileW
CreateFileA
FindFirstFileW
FindClose
LoadLibraryW
GetProcAddress
FreeLibrary
ReleaseMutex
WaitForSingleObject
InterlockedIncrement
InterlockedDecrement
FormatMessageW
LocalAlloc
Sleep
ExitThread
OpenMutexW
lstrlenW
EnterCriticalSection
GetModuleFileNameW
LeaveCriticalSection
MultiByteToWideChar
CreateMutexW
GetLastError
GetCurrentThreadId
CloseHandle
ResumeThread
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetModuleFileNameA
user32
SetRect
IsRectEmpty
CharNextW
ShowWindow
MoveWindow
IsDialogMessageW
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetDesktopWindow
SetWindowTextW
IsWindowEnabled
CharUpperW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
IsWindow
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
CopyAcceleratorTableW
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
MessageBoxW
SetForegroundWindow
UpdateWindow
EndDialog
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
PtInRect
EnableWindow
RegisterClipboardFormatW
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDlgItem
InvalidateRect
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
SetMenuItemBitmaps
GetFocus
GetNextDlgTabItem
MessageBeep
GetTopWindow
CreateDialogIndirectParamW
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SendMessageW
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageW
PostQuitMessage
MsgWaitForMultipleObjects
PeekMessageW
wsprintfW
GetMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
UnregisterClassW
DestroyMenu
GetClientRect
gdi32
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
GetClipBox
CreateBitmap
GetMapMode
GetDeviceCaps
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
DeleteObject
GetObjectW
SetBkColor
SetTextColor
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegConnectRegistryW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
shell32
SHGetFolderPathW
comctl32
ord17
shlwapi
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
OleRun
CoUninitialize
CoInitialize
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoCreateInstance
oleaut32
SysAllocString
GetErrorInfo
OleCreateFontIndirect
SafeArrayDestroy
SysAllocStringLen
VariantChangeType
VariantCopy
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetElement
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SysStringByteLen
SysAllocStringByteLen
VariantInit
DispCallFunc
SysStringLen
LoadTypeLi
LoadRegTypeLi
VariantClear
SysFreeString
ws2_32
send
select
ioctlsocket
recv
socket
WSAGetLastError
inet_addr
htons
connect
WSAStartup
WSACleanup
closesocket
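Most of the import table above is framework noise: the user32, gdi32, comdlg32, winspool.drv, oledlg, ole32 and oleaut32 entries (WinHelpW, GetFileTitleW, DocumentPropertiesW, OleUIBusyW, GrayStringW, TabbedTextOutW, PtVisible and the like) are consistent with a statically linked MFC GUI application and say little about what the program does. The imports worth an analyst's attention are the ws2_32 client set (socket, connect, send, recv, select), CreateMutexW/OpenMutexW, the advapi32 write path (RegCreateKeyExW, RegSetValueExW), VirtualAlloc/VirtualProtect next to CreateThread, LoadLibraryW/GetProcAddress, and SHGetFolderPathW with GetComputerNameW/GetVolumeInformationW. Two entries are imported by ordinal only (fsync ord3, comctl32 ord17) and cannot be classified by name; fsync is not a standard Windows DLL, so it either ships with the sample or has to be present on the host. The Python below is an added example of import-based capability triage, not code from the sandbox or the sample. SAMPLE_IMPORTS is a subset of the names in the table above, IMPORT_COUNTS are the per-DLL counts from that table, and the ordinal mapping in KNOWN_ORDINALS and the capability rules are the author's assumptions; a match proves only that the APIs are imported, not that they are reached at runtime (static MFC code also calls FindResourceW, installs a CBT hook via SetWindowsHookExW and writes its settings through RegSetValueExW, which is why those matches are demoted when the GUI share is high).

```python
# Per-DLL import counts taken from the import table above (379 entries in total).
IMPORT_COUNTS = {
    "fsync": 1, "kernel32": 148, "user32": 121, "gdi32": 32, "comdlg32": 1, "winspool.drv": 3,
    "advapi32": 12, "shell32": 1, "comctl32": 1, "shlwapi": 4, "oledlg": 1, "ole32": 20,
    "oleaut32": 22, "ws2_32": 12,
}

# Subset of the named imports above that the rules below refer to (every name appears in the table).
SAMPLE_IMPORTS = {
    "kernel32": {"VirtualAlloc", "VirtualProtect", "CreateThread", "LoadLibraryA", "LoadLibraryW",
                 "GetProcAddress", "CreateMutexW", "OpenMutexW", "GetComputerNameW",
                 "GetVolumeInformationW", "GetVersionExW", "CreateDirectoryW", "CreateFileW",
                 "WriteFile", "FindResourceW", "LoadResource", "LockResource", "SizeofResource"},
    "advapi32": {"RegOpenKeyExW", "RegCreateKeyExW", "RegSetValueExW", "RegQueryValueExW", "RegDeleteKeyW"},
    "ws2_32": {"WSAStartup", "socket", "inet_addr", "htons", "connect", "send", "recv", "select", "closesocket"},
    "shell32": {"SHGetFolderPathW"},
    "user32": {"SetWindowsHookExW", "CallNextHookEx", "GetKeyState", "MessageBoxW", "CreateWindowExW"},
}

# DLLs that a statically linked GUI framework pulls in regardless of what the program does.
GUI_DLLS = {"user32", "gdi32", "comdlg32", "winspool.drv", "oledlg", "ole32", "oleaut32", "comctl32"}

# Ordinal-only imports cannot be matched by name; this mapping is an assumption, not from the page.
KNOWN_ORDINALS = {("comctl32", 17): "InitCommonControls"}

# capability -> (requirements, also common in framework/CRT code). A requirement is (dll, alternatives)
# and is met when any alternative is imported; every requirement of a rule must be met.
RULES = {
    "winsock client": ([("ws2_32", {"socket"}), ("ws2_32", {"connect"}), ("ws2_32", {"send", "recv"})], False),
    "dynamic API resolution": ([("kernel32", {"LoadLibraryA", "LoadLibraryW"}), ("kernel32", {"GetProcAddress"})], False),
    "executable memory": ([("kernel32", {"VirtualAlloc"}), ("kernel32", {"VirtualProtect"})], False),
    "mutex marker": ([("kernel32", {"CreateMutexA", "CreateMutexW"})], False),
    "host fingerprinting": ([("kernel32", {"GetComputerNameW"}),
                             ("kernel32", {"GetVolumeInformationW", "GetVersionExW", "GetVersionExA"})], False),
    "file drop under user profile": ([("shell32", {"SHGetFolderPathW"}), ("kernel32", {"CreateFileW"}),
                                      ("kernel32", {"WriteFile"})], False),
    "registry write": ([("advapi32", {"RegCreateKeyExW", "RegOpenKeyExW"}), ("advapi32", {"RegSetValueExW"})], True),
    "resource-carried payload": ([("kernel32", {"FindResourceW"}), ("kernel32", {"LockResource"}),
                                  ("kernel32", {"SizeofResource"})], True),
    "windows hook": ([("user32", {"SetWindowsHookExA", "SetWindowsHookExW"}), ("user32", {"CallNextHookEx"})], True),
}


def match_capabilities(imports):
    """Capabilities whose every requirement is satisfied, with the imports that satisfied them."""
    found = {}
    for cap, (reqs, _) in RULES.items():
        matched = []
        for dll, alternatives in reqs:
            hit = alternatives & imports.get(dll, set())
            if not hit:
                break
            matched.extend(sorted(hit))
        else:
            found[cap] = matched
    return found


def gui_framework_share(counts):
    """Fraction of all imports that come from GUI/OLE DLLs; above ~0.5 a GUI framework is likely linked in."""
    total = sum(counts.values())
    return sum(n for dll, n in counts.items() if dll in GUI_DLLS) / total if total else 0.0


def resolve_ordinal(dll, ordinal):
    """Name for an ordinal-only import if it is a well-known one, else None."""
    return KNOWN_ORDINALS.get((dll.lower(), ordinal))


def report(imports, counts):
    """Split matches into strong signals and ones a linked GUI framework would explain on its own."""
    share = gui_framework_share(counts)
    strong, weak = [], []
    for cap in match_capabilities(imports):
        (weak if RULES[cap][1] and share > 0.5 else strong).append(cap)
    return {"gui_framework_share": round(share, 2), "strong": strong, "weak": weak}


if __name__ == "__main__":
    for cap, apis in match_capabilities(SAMPLE_IMPORTS).items():
        print(f"{cap}: {', '.join(apis)}")
    print(report(SAMPLE_IMPORTS, IMPORT_COUNTS))
```

Rules are deliberately conjunctive (socket alone is not a network client; LoadLibrary without GetProcAddress is not API hashing), and the GUI share is used only to demote matches that MFC code would produce anyway, never to discard them: the behavioral task, not the import table, settles whether the hook is a CBT hook or a keyboard hook and whether RegSetValueExW writes a Run key or a window position.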
Sections
.text Size: 264KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
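The Unsigned PE signature, the File Characteristics under Headers and the section table directly above all come from the same few PE header structures, so one small parser covers all three. The Python below is an added example, not code from the sandbox or from the sample: it builds a minimal PE32 in memory whose header values mirror the ones reported on this page (constructed bytes, not the sample's), reads the COFF header, the optional header's data directories and the section headers with struct, and raises the findings a triage pass would raise. The Authenticode check is simply whether data directory 4 (the certificate table, whose first field is a file offset rather than an RVA) has a non-zero size. Two caveats: an empty certificate table means there is no embedded signature, not that the file is unsigned in every sense (catalog-signed binaries carry no embedded table), and a present table still has to be verified against its chain, timestamp and the file hash before it counts for anything. The helper names (build_pe, parse_pe, triage, page_like_sample) are the author's, and the .data section's virtual size exceeding its raw size is ordinary uninitialised data, which is why the section check looks for writable-and-executable or empty-on-disk executable sections instead.

```python
import struct

# COFF and section Characteristics bits (subset) used to decode the Headers and Sections fields above.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE", 0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table: (file offset, size), not an RVA
SECTION_HDR = "<8sIIIIIIHHI"        # 40-byte IMAGE_SECTION_HEADER


def decode_flags(value, table):
    """Names of the bits set in value, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def build_pe(characteristics, sections, security_dir=(0, 0)):
    """Constructed minimal PE32 (headers only, no section bodies) for demonstration."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)              # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, characteristics)
    opt = bytearray(0xE0)                                               # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)                               # Magic: PE32
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)          # ImageBase, SectionAlign, FileAlign
    struct.pack_into("<H", opt, 68, 2)                                  # Subsystem: Windows GUI
    struct.pack_into("<I", opt, 92, 16)                                 # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security_dir)
    hdrs = b"".join(struct.pack(SECTION_HDR, n.encode(), vs, 0x1000, rs, 0x400, 0, 0, 0, 0, fl)
                    for n, vs, rs, fl in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


def parse_pe(data):
    """Read machine, COFF characteristics, the certificate data directory and the section headers."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    ndirs = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))[0]
    dirs = opt + (112 if pe32plus else 96)
    security = (0, 0)
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        security = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsect):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(SECTION_HDR, data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode(), vsize, rawsize, flags))
    return {"machine": machine, "characteristics": chars, "security_dir": tuple(security), "sections": sections}


def triage(data):
    """Static findings in the spirit of the 'Unsigned PE' signature, plus a section sanity check."""
    pe = parse_pe(data)
    findings = []
    if pe["security_dir"][1] == 0:
        findings.append("unsigned: certificate table is empty (no embedded Authenticode signature)")
    if pe["characteristics"] & 0x0001:
        findings.append("relocations stripped: image cannot be rebased, so ASLR does not apply to it")
    for name, vsize, rawsize, flags in pe["sections"]:
        if flags & 0x80000000 and flags & 0x20000000:
            findings.append(f"{name}: section is writable and executable")
        if flags & 0x20000000 and rawsize == 0 and vsize:
            findings.append(f"{name}: executable section is empty on disk (unpacker target)")
    return findings


def page_like_sample():
    """Constructed bytes whose header values mirror the report above; not the sample itself."""
    return build_pe(0x010F, [
        (".text", 260 * 1024, 264 * 1024, 0x60000020),
        (".rdata", 78 * 1024, 80 * 1024, 0x40000040),
        (".data", 26 * 1024, 12 * 1024, 0xC0000040),   # virtual > raw is just .bss, not suspicious
        (".rsrc", 18 * 1024, 20 * 1024, 0x40000040),
    ])


if __name__ == "__main__":
    pe = parse_pe(page_like_sample())
    print(decode_flags(pe["characteristics"], FILE_CHARACTERISTICS))
    for n, vs, rs, fl in pe["sections"]:
        print(n, vs, rs, decode_flags(fl, SECTION_CHARACTERISTICS))
    print(triage(page_like_sample()))
```

Run against a real file, parse_pe(open(path, "rb").read()) gives the same dictionary; the parser handles PE32+ data directory offsets as well, since the only thing that moves between the two formats is where NumberOfRvaAndSizes and the directory array sit inside the optional header.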