Static task: static1
Behavioral task behavioral1: sample 2024-02-01_365108243022fe32293ecc1197dd284b_icedid.exe, resource win7-20231215-en
Behavioral task behavioral2: sample 2024-02-01_365108243022fe32293ecc1197dd284b_icedid.exe, resource win10v2004-20231222-en
General
Target: 2024-02-01_365108243022fe32293ecc1197dd284b_icedid
Size: 1.2MB
MD5: 365108243022fe32293ecc1197dd284b
SHA1: cba788a4044560fab84ec0a3ba08cb955d5d164c
SHA256: 109a7ba39972139e05a9db7d096877f91bfd8fc30db2101d631f6c7546cc1630
SHA512: 377c24429a9a975207321413842c6a29a193b45c7ce5d5dd74b3638054116d96071fc2c198e59c2dc3622d842cf0ae24721d68dc40995b8376c1efcbd6f163eb
SSDEEP: 12288:MIUYOXVtIdDilnKbTvpTjt00FX2GGJ3u2A+Qj6/GSZDyiYSv6uJ:6txlnKbNTSa+A+QEyiv6u
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature. Resource: 2024-02-01_365108243022fe32293ecc1197dd284b_icedid
Files
2024-02-01_365108243022fe32293ecc1197dd284b_icedid.exe windows:4 windows x86 arch:x86
3bf8dcdc888dc7320f05d58b8e1325ab
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE
Imports (grouped by DLL)
wsock32: inet_addr, WSACleanup, connect, socket, ioctlsocket, htons, bind, htonl, listen, WSAStartup, gethostname, getsockname, setsockopt, gethostbyname, select, accept, inet_ntoa, recv, send, shutdown, closesocket
imm32: ImmGetContext, ImmSetCompositionWindow, ImmReleaseContext, ImmGetOpenStatus
ssce4332: SSCE_SetOption, SSCE_GetOption, SSCE_CloseBlock, SSCE_GetBlockInfo, SSCE_CheckBlock, SSCE_OpenBlock, SSCE_CloseSession, SSCE_CloseLex, SSCE_OpenLex, SSCE_CreateLex, SSCE_OpenSession, SSCE_SetDebugFile, SSCE_GetLex, SSCE_GetLexInfo, SSCE_AddToLex, SSCE_DelFromLex, SSCE_Suggest, SSCE_NextBlockWord, SSCE_ReplaceBlockWord, SSCE_DelBlockWord, SSCE_GetBlock
kernel32: ResumeThread, SetEvent, SuspendThread, CreateEventA, SetLastError, InterlockedDecrement, SetThreadPriority, DuplicateHandle, GetCurrentProcess, FlushFileBuffers, LockFile, UnlockFile, MoveFileA, GetStringTypeExA, GetFullPathNameA, GetShortPathNameA, GetFileAttributesA, GetFileSize, GetFileTime, LocalFileTimeToFileTime, SetFileTime, GetCurrentThread, GetDiskFreeSpaceA, FileTimeToSystemTime, FileTimeToLocalFileTime, GetTempPathA, SearchPathA, LoadLibraryA, GetThreadLocale, FreeLibrary, TlsAlloc, DeleteCriticalSection, GlobalHandle, TlsFree, LeaveCriticalSection, EnterCriticalSection, TlsSetValue, LocalReAlloc, TlsGetValue, SetErrorMode, RtlUnwind, HeapFree, GetACP, HeapReAlloc, HeapAlloc, RaiseException, SetEnvironmentVariableA, GetTimeZoneInformation, GetStartupInfoA, GetCommandLineA, ExitProcess, TerminateProcess, CreateThread, HeapSize, LCMapStringA, LCMapStringW, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, IsValidLocale, IsValidCodePage, GetLocaleInfoA, EnumSystemLocalesA, GetUserDefaultLCID, GetStringTypeA, GetStringTypeW, SetHandleCount, GetStdHandle, GetFileType, SetUnhandledExceptionFilter, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, IsBadReadPtr, IsBadCodePtr, InterlockedIncrement, CompareStringW, SetStdHandle, GetLocaleInfoW, lstrcatA, GetCurrentThreadId, GlobalFindAtomA, GetProcAddress, LockResource, FindResourceA, LoadResource, lstrcmpA, GetCurrentProcessId, lstrcmpiA, GetTempFileNameA, CreateProcessA, ExitThread, lstrcpyA, GlobalGetAtomNameA, GlobalDeleteAtom, CompareFileTime, SystemTimeToFileTime, Sleep, GetDriveTypeA, QueryDosDeviceA, GetVolumeInformationA, GetLogicalDrives, GetLocalTime, GetSystemTime, GetDateFormatA, GetTimeFormatA, LocalAlloc, LocalFree, CreateFileA, SetFilePointer, SetEndOfFile, WriteFile, MulDiv, LocalUnlock, LocalLock, GetLastError, ReadFile, _lclose, OpenFile, CopyFileA, LocalSize, GlobalSize, GetOEMCP, GetCPInfo, IsDBCSLeadByte, WideCharToMultiByte, MultiByteToWideChar, GlobalReAlloc, lstrcpynA, GetPrivateProfileIntA, CompareStringA, GetCurrentDirectoryA, GetProfileStringA, GetProfileIntA, FindFirstFileA, FindNextFileA, FindClose, SetCurrentDirectoryA, lstrlenW, GetVersionExA, WaitForSingleObject, GetExitCodeProcess, CloseHandle, GlobalAddAtomA, WinExec, GetModuleFileNameA, GetVersion, SetFileAttributesA, GetTickCount, WritePrivateProfileStringA, GetPrivateProfileStringA, GetModuleHandleA, lstrlenA, GetWindowsDirectoryA, DeleteFileA, GlobalFree, GlobalAlloc, GlobalLock, GlobalUnlock, GetProcessVersion, GlobalFlags, InitializeCriticalSection
user32: GetMenu, FillRect, GetDCEx, GetDesktopWindow, InflateRect, DispatchMessageA, GetMessageA, OffsetRect, PtInRect, GetCapture, DeferWindowPos, EndDeferWindowPos, BeginDeferWindowPos, SetParent, IsWindow, IsChild, TranslateMDISysAccel, TranslateAcceleratorA, GetSystemMenu, BringWindowToTop, SetWindowPos, RedrawWindow, IntersectRect, GetTopWindow, IsRectEmpty, GetMenuState, DestroyWindow, GetClassInfoA, DialogBoxParamA, ShowCursor, LoadStringA, EnumChildWindows, EndDialog, GetDlgItem, SetWindowTextA, GetWindowTextA, GetWindowTextLengthA, SetFocus, MoveWindow, ShowWindow, IsWindowEnabled, CreateDialogIndirectParamA, GetActiveWindow, GetNextDlgTabItem, GetWindowPlacement, GetForegroundWindow, GetLastActivePopup, GetMessagePos, GetMessageTime, RemovePropA, GetPropA, UnhookWindowsHookEx, SetPropA, CallNextHookEx, SetWindowsHookExA, GetDlgCtrlID, SetWindowPlacement, GetScrollRange, SetScrollInfo, GetScrollInfo, EqualRect, AdjustWindowRectEx, MapWindowPoints, SendDlgItemMessageA, SetDlgItemTextA, IsDialogMessageA, EnableMenuItem, CheckMenuItem, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, wvsprintfA, TranslateMessage, GetWindowDC, GrayStringA, DestroyMenu, SetMenu, ReuseDDElParam, UnpackDDElParam, DefFrameProcA, DefMDIChildProcA, MapDialogRect, PostQuitMessage, ShowOwnedPopups, DestroyIcon, LoadIconA, DestroyCursor, SetCursorPos, WaitMessage, GetWindowThreadProcessId, GetSysColorBrush, InvertRect, IsCharLowerW, IsCharUpperW, CharLowerW, IsCharAlphaW, CharUpperW, CharUpperA, IsCharLowerA, IsCharUpperA, CharLowerA, IsCharAlphaA, SetClipboardData, GetClipboardData, OemToCharBuffA, GetClassLongA, BeginPaint, EndPaint, GetCursorPos, ScreenToClient, ClientToScreen, WindowFromPoint, GetClassNameA, SetCapture, ScrollWindow, ValidateRect, HideCaret, SetRect, DrawTextA, TabbedTextOutW, TabbedTextOutA, SetScrollPos, SetCaretPos, SetScrollRange, GetTabbedTextExtentW, SetClassLongA, DestroyCaret, CreateCaret, ShowCaret, SetCursor, ReleaseCapture, LoadCursorA, GetSysColor, GetCaretPos, OpenClipboard, CloseClipboard, GetMenuStringA, DeleteMenu, wsprintfA, InsertMenuA, GetMenuItemCount, GetWindow, LockWindowUpdate, PeekMessageA, InvalidateRect, MessageBoxA, UnregisterClassA, FindWindowA, SetForegroundWindow, RegisterClassA, CreateWindowExA, UpdateWindow, PostMessageA, SetWindowLongA, GetWindowLongA, DefWindowProcA, RegisterWindowMessageA, GetKeyState, GetParent, IsWindowVisible, SetActiveWindow, IsIconic, GetWindowRect, LoadAcceleratorsA, GetKeyboardState, DestroyAcceleratorTable, CreateAcceleratorTableA, MapVirtualKeyA, CopyAcceleratorTableA, KillTimer, SetTimer, IsZoomed, GetDC, ReleaseDC, EnableWindow, SendMessageA, DrawMenuBar, WinHelpA, GetMenuItemID, RemoveMenu, ModifyMenuA, CallWindowProcA, TrackPopupMenu, SetKeyboardState, GetAsyncKeyState, ToAscii, SetRectEmpty, LoadBitmapA, LoadMenuA, CreatePopupMenu, GetSubMenu, AppendMenuA, GetFocus, WindowFromDC, GetSystemMetrics, GetClientRect, EnableScrollBar, ShowScrollBar, GetScrollPos, SystemParametersInfoA, GetDoubleClickTime, CopyRect, IsClipboardFormatAvailable, MessageBeep, CharToOemBuffA, EmptyClipboard, GetTabbedTextExtentA, CharNextA, GetUpdateRect
gdi32: CreatePen, DeleteObject, RestoreDC, CreateFontIndirectA, GetCharWidthA, GetWindowOrgEx, GetTextFaceA, GetROP2, GetBkMode, GetTextAlign, GetPolyFillMode, GetStretchBltMode, GetBkColor, LPtoDP, BitBlt, CombineRgn, SetRectRgn, CreateFontA, CreateCompatibleBitmap, CreateCompatibleDC, StretchDIBits, SetAbortProc, StartPage, EndPage, EndDoc, GetTextMetricsA, SelectObject, GetTextExtentPointA, GetCharWidth32W, GetTextExtentPoint32A, SetTextColor, CreateSolidBrush, ExtTextOutA, SetBkColor, GetTextExtentPoint32W, ExtTextOutW, LineTo, MoveToEx, CreateRectRgn, SelectClipRgn, GetObjectA, GetDeviceCaps, GetClipBox, DPtoLP, GetTextColor, GetCurrentObject, GetNearestColor, CreateBitmap, DeleteDC, StartDocA, SaveDC, AbortDoc, GetStockObject, SetBkMode, SetPolyFillMode, SetROP2, SetStretchBltMode, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, SetWindowExtEx, ScaleWindowExtEx, ExcludeClipRect, IntersectClipRect, SetTextAlign, GetCurrentPositionEx, GetViewportExtEx, GetWindowExtEx, CreatePatternBrush, PtVisible, RectVisible, TextOutA, Escape, CreateDCA, PatBlt, CreateRectRgnIndirect, Rectangle, GetViewportOrgEx
comdlg32: CommDlgExtendedError, GetOpenFileNameA, GetSaveFileNameA, ChooseFontA, GetFileTitleA, PrintDlgA, ChooseColorA, ReplaceTextA, FindTextA
winspool.drv: ClosePrinter, DocumentPropertiesA, OpenPrinterA
advapi32: RegCloseKey, RegQueryValueExA, RegEnumKeyExA, GetFileSecurityA, RegSetValueExA, RegSetValueA, RegCreateKeyA, RegOpenKeyExA, SetFileSecurityA, RegDeleteKeyA, RegCreateKeyExA, RegQueryValueA, RegOpenKeyA, RegDeleteValueA
shell32: ShellExecuteA, ExtractIconA, ShellExecuteExA, SHFileOperationA, SHGetFileInfoA, DragQueryFileA, DragFinish, DragAcceptFiles, Shell_NotifyIconA
comctl32: ImageList_AddMasked, ord17, PropertySheetA, DestroyPropertySheetPage, CreatePropertySheetPageA, ImageList_Create, ImageList_Destroy, ImageList_LoadImageA
Sections
.text: Size 768KB, Virtual size 764KB; flags IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata: Size 136KB, Virtual size 133KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data: Size 52KB, Virtual size 93KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc: Size 228KB, Virtual size 224KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ