2024-01-29_539c3d07c374906e9744f33e56aaa2f6_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-29_539c3d07c374906e9744f33e56aaa2f6_icedid
Size

516KB
MD5

539c3d07c374906e9744f33e56aaa2f6
SHA1

e499685eee09cfa23cc1406f22090118f865f3ee
SHA256

3e90e8e04e03f5b7549e89b522870cbf32fce84abd09dc1ef1fd8c5197e8f317
SHA512

6866e0646ad0349b5b71546bc902954c9712c7d5ff0e2bf66b493a71cf57818048e8d4ebe734d1392c6260f23e8ba4c18c9839ecfa14fd981c214da50fd7f4b5
SSDEEP

6144:TzEyKoAW6e017cWVtTg61aDscD0JQyPjRwupmlepQtY8OG5xZAO1Oa5bq:TyCdqVcD0J/7RwuolU8HxZw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-29_539c3d07c374906e9744f33e56aaa2f6_icedid

Files

2024-01-29_539c3d07c374906e9744f33e56aaa2f6_icedid
.exe windows:4 windows x86 arch:x86

f80b501cd4d5b37f209fdac285eb46a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileA
SetupCloseInfFile
SetupOpenAppendInfFileA
SetupGetSourceFileLocationA
SetupGetSourceInfoA
SetupDecompressOrCopyFileA
SetupPromptForDiskA
SetupGetStringFieldA
SetupGetLineTextA
SetupFindFirstLineA
SetupFindNextLine

kernel32

FreeResource
GetModuleHandleA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
lstrcpyW
InterlockedIncrement
LocalAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwind
GetSystemTimeAsFileTime
GetFileType
GetStartupInfoA
ExitProcess
SetStdHandle
ExitThread
CreateThread
HeapReAlloc
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetLocaleInfoA
GetThreadLocale
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SuspendThread
GetCurrentThreadId
GetDriveTypeA
GetProcessHeap
GetVersionExA
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
WritePrivateProfileStringA
lstrlenA
DeleteCriticalSection
GetLastError
CreateFileA
CopyFileA
SetFileAttributesA
GetFileAttributesA
GetTimeZoneInformation
DeleteFileA
CloseHandle
GetPrivateProfileStringA
FindClose
FindFirstFileA
RemoveDirectoryA
GetWindowsDirectoryA
CreateDirectoryA
GetTempPathA
ExpandEnvironmentStringsA
RaiseException
InitializeCriticalSection
GetVersion
lstrcmpiA
lstrlenW
CompareStringA
CompareStringW
lstrcpyA
SetEvent
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
ResetEvent
CreateEventA
SetLastError
MapViewOfFile
UnmapViewOfFile
GetCommandLineA
GetSystemInfo
CreateFileMappingA
GetACP
GetFileSize
GetFullPathNameA
GetCurrentDirectoryA
ReadFile
FreeLibrary
GetProcAddress
LoadLibraryA
WriteFile
InterlockedExchange
FindNextFileA
SetFilePointer
GetStdHandle
GetModuleFileNameA
GlobalUnlock
GlobalLock
GlobalAlloc
FormatMessageA
ResumeThread
GlobalReAlloc
GlobalFree
MulDiv
GlobalSize
lstrcpynA
InterlockedDecrement
CreateMutexA
GetCurrentProcessId
ReleaseMutex
lstrcmpA
lstrcatA
GetCurrentProcess
OpenProcess
QueryPerformanceFrequency
GetTickCount
QueryPerformanceCounter
LoadLibraryExA
GetPrivateProfileIntA
FileTimeToSystemTime
GetFileTime
FileTimeToLocalFileTime
LocalFree
GetDateFormatA
GetTimeFormatA
GetVolumeInformationA

user32

LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetDesktopWindow
InvalidateRect
EnableWindow
wsprintfA
CharUpperA
UnregisterClassA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsClipboardFormatAvailable
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
SendMessageA
SetCursor
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
PostQuitMessage
GetWindowRect
SetTimer
GetParent
SetForegroundWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
CloseClipboard
UpdateWindow
GetMenu
PostMessageA
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
GetKeyState
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadStringA
EmptyClipboard
SetClipboardData
DestroyIcon
OpenClipboard

gdi32

DeleteObject
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SelectPalette
CreateCompatibleBitmap
GetDeviceCaps
CopyMetaFileA
CreateDCA
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
CreateCompatibleDC
BitBlt
ExtTextOutA
SaveDC
RestoreDC
SetMapMode
RealizePalette
CreatePalette
CreateDIBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegCreateKeyA
RegQueryValueA
RegOpenKeyExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ExtractIconExA

comctl32

ord17

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
OleGetClipboard
CoCreateGuid
OleRun

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysAllocStringByteLen
VarUdateFromDate
VarBstrFromDate
VarDateFromStr
SystemTimeToVariantTime
GetErrorInfo

odbc32

ord5
ord72
ord4
ord17
ord41
ord10
ord2
ord1
ord23
ord15
ord9
ord14
ord48
ord49
ord19
ord12
ord46
ord59
ord68
ord45
ord50
ord51
ord43
ord8
ord65
ord44
ord40
ord32
ord3
ord11
ord20
ord18
ord13
ord61
ord16

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 380KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f80b501cd4d5b37f209fdac285eb46a9

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

odbc32

version

Sections

.text Size: 380KB - Virtual size: 376KB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 380KB - Virtual size: 376KB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 24KB - Virtual size: 21KB