Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-02_c7718645b88f23d4d7b6acf5285b3992_icedid.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-02_c7718645b88f23d4d7b6acf5285b3992_icedid.exe
Resource: win10v2004-20231215-en
General
Target: 2024-02-02_c7718645b88f23d4d7b6acf5285b3992_icedid
Size: 520KB
MD5: c7718645b88f23d4d7b6acf5285b3992
SHA1: 781729bbc1c16204cfb8f2987efbfd976be3e5ce
SHA256: 3d50219a90b39093171656814a8cf5e4b1782366c91e18f16a8972cee2075727
SHA512: f0281749bb0f25c3d5e511b0e3ca3ce3faafba494c74c2976f4003c9fe1cde2fb44edbdbe4600c33698428047b4e6d332007fc10150baa54df1df70bbb0f5caa
SSDEEP: 12288:EoBzCsa43vQ5c1WMJtoQNV+21c9/J2v2cGRkH9e96yyyyyYZZV9+yyyyyYZZBZHc:nZ3IG1WMJSH21c9/J2lH4I
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2024-02-02_c7718645b88f23d4d7b6acf5285b3992_icedid
Files
2024-02-02_c7718645b88f23d4d7b6acf5285b3992_icedid.exe windows:5 windows x86 arch:x86
b7b09f844977a8d38cf4a833164d4813
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dxwnd
ord6
ord2
ord4
ord3
ord5
ord1
shlwapi
PathRemoveFileSpecA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
kernel32
MoveFileA
DeleteFileA
GetStringTypeExA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
CreateFileA
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetFileSizeEx
GetCPInfo
GetOEMCP
SetErrorMode
GetTickCount
RaiseException
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
SystemTimeToFileTime
VirtualQuery
HeapReAlloc
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
FileTimeToSystemTime
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetModuleHandleW
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetCurrentProcessId
GetModuleFileNameA
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
MultiByteToWideChar
lstrlenA
GlobalLock
GlobalUnlock
MulDiv
GetVersion
CreateSemaphoreA
GetVersionExA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetFileSize
FreeLibrary
GetCurrentProcess
GetCurrentDirectoryA
CreateProcessA
ContinueDebugEvent
WaitForDebugEvent
GetFullPathNameA
OpenProcess
TerminateProcess
GetLastError
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
CreateThread
lstrcmpiA
Sleep
CreateToolhelp32Snapshot
Thread32First
OpenThread
ResumeThread
SuspendThread
CloseHandle
Thread32Next
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
WideCharToMultiByte
FindResourceA
SizeofResource
LoadResource
LockResource
GetSystemInfo
user32
ReuseDDElParam
UnpackDDElParam
GetSysColorBrush
LoadCursorA
CharUpperA
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
SetCapture
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
RegisterClipboardFormatA
PostThreadMessageA
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
InvalidateRect
DestroyMenu
GetMenuItemInfoA
InflateRect
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
PostQuitMessage
ShowWindow
MoveWindow
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
EnableMenuItem
CopyRect
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
GetMenuItemCount
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
RegisterWindowMessageA
DrawAnimatedRects
FindWindowA
EnumChildWindows
GetClassNameA
GetCursorPos
TrackPopupMenu
SetMenuDefaultItem
IsWindow
LoadImageA
DestroyIcon
SetForegroundWindow
SetParent
SetActiveWindow
RedrawWindow
PostMessageA
GetMenuItemID
SystemParametersInfoA
LoadIconA
KillTimer
SetTimer
ReleaseDC
GetDC
WindowFromDC
GetDesktopWindow
AdjustWindowRect
MessageBoxA
SetWindowTextA
ClipCursor
GetParent
ClientToScreen
LoadMenuA
GetSubMenu
GetMenuState
CheckMenuItem
LoadBitmapA
EnumDisplaySettingsA
ChangeDisplaySettingsA
MessageBoxExA
UpdateWindow
GetWindowRect
SendMessageA
EnableWindow
GetClientRect
GetMenu
gdi32
GetDeviceCaps
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectA
CreateCompatibleBitmap
ExtSelectClipRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32A
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
SetDIBitsToDevice
StretchDIBits
CreatePalette
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
DeleteDC
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
GetFileSecurityA
SetFileSecurityA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
shell32
ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHAppBarMessage
Shell_NotifyIconA
ShellExecuteA
comctl32
ImageList_Create
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
SafeArrayDestroy
VariantCopy
VariantTimeToSystemTime
SysAllocStringLen
VariantInit
Sections
.text Size: 307KB - Virtual size: 306KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ