Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-01_d515db1a87b9c099e51c766edd0e910e_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-01_d515db1a87b9c099e51c766edd0e910e_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-02-01_d515db1a87b9c099e51c766edd0e910e_icedid
Size: 740KB
MD5: d515db1a87b9c099e51c766edd0e910e
SHA1: 40e0ec143ed74549822483700d266767ef035e10
SHA256: 63009dcd527a9fbf2ee9560ac11712f0624f43220692333a3bea7664e9c1b0e2
SHA512: 39ae2ca949f100a8db5f04311d037b0f7e34bde670fb69ee2ed42abfa2024d2c4d2f234bd9fffe1e205c92f9dec3b77f6e959caeeb9d1f2b8f8e1d28295fa2c5
SSDEEP: 12288:Ne2V5CGZ8OtJBUmwj/fDyUqDmTuCzfSiyCncwoT06BwS7K4:Ne2fbZBG3DyUVagn2T07
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-02-01_d515db1a87b9c099e51c766edd0e910e_icedid
Files
2024-02-01_d515db1a87b9c099e51c766edd0e910e_icedid.exe windows:4 windows x86 arch:x86
861c7e79bb1bd16ff3243d78d7ba55e2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
QueryPerformanceCounter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
SetStdHandle
SetEnvironmentVariableA
GetACP
GetLocaleInfoA
GetThreadLocale
HeapSize
HeapReAlloc
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
CreateThread
ExitThread
ExitProcess
RtlUnwind
GetDiskFreeSpaceA
CreateDirectoryA
ReleaseMutex
CreateProcessA
ExpandEnvironmentStringsA
GetExitCodeProcess
DeviceIoControl
GetLogicalDriveStringsA
RemoveDirectoryA
OpenMutexA
CreateMutexA
GetFileTime
GetFileAttributesA
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
WinExec
GetTickCount
TerminateThread
Thread32Next
OpenThread
CloseHandle
Thread32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
OpenProcess
Sleep
MultiByteToWideChar
GetLastError
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
CompareStringA
CompareStringW
GetEnvironmentVariableA
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
GetModuleHandleA
lstrcpynA
SetErrorMode
GetShortPathNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedDecrement
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
WaitForSingleObject
InterlockedIncrement
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
GlobalGetAtomNameA
GlobalAddAtomA
lstrcmpW
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
InterlockedExchange
user32
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
GetWindowThreadProcessId
ReleaseCapture
SetCapture
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
wsprintfA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetDC
ClientToScreen
CharNextA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
InvalidateRect
EnableWindow
GetClientRect
SetActiveWindow
SetParent
SetTimer
KillTimer
SendMessageA
PostMessageA
GetWindowRect
SetForegroundWindow
GetDesktopWindow
OffsetRect
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
PostThreadMessageA
MoveWindow
DrawIcon
AppendMenuA
InflateRect
GetSystemMenu
IsIconic
IsZoomed
GetWindowDC
WaitForInputIdle
EnumWindows
LoadImageA
GetThreadDesktop
GetUserObjectInformationA
ReleaseDC
UpdateWindow
FindWindowA
LoadIconA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
IsWindow
PeekMessageA
GetParent
GetActiveWindow
IsWindowEnabled
CharUpperA
EndDialog
GetNextDlgTabItem
GetDlgItem
GetWindowLongA
DestroyWindow
CreateDialogIndirectParamA
GetSystemMetrics
GetKeyState
IsWindowVisible
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
gdi32
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
SelectPalette
CreatePen
CreateRectRgnIndirect
CreateFontIndirectA
GetTextExtentPoint32A
GetMapMode
DPtoLP
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
GetDeviceCaps
CreateBitmap
SetBkColor
GetObjectA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetRgnBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
MoveToEx
LineTo
ExtCreateRegion
GetRegionData
CreateDIBitmap
CreateDIBSection
RealizePalette
SetTextColor
StretchBlt
CreatePalette
CreateHalftonePalette
GetDIBColorTable
GetCurrentObject
GetClipBox
SetDIBitsToDevice
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
OpenProcessToken
GetTokenInformation
GetUserNameA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
RegCloseKey
shell32
ShellExecuteA
FindExecutableA
comctl32
ord17
_TrackMouseEvent
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleRun
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject
CoInitialize
oleaut32
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
SafeArrayCreate
VariantCopy
SafeArrayGetElement
SafeArrayPutElement
VarBstrFromCy
VarUdateFromDate
GetErrorInfo
dogcheck4
LHCheckDog
LHMessageBox
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
ws2_32
WSAStartup
socket
inet_addr
htons
sendto
inet_ntoa
gethostbyname
gethostname
WSAGetLastError
Sections
.text Size: 504KB - Virtual size: 500KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ