2024-02-03_4c470cf68874cbe0602931e93ea6db5a_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-03_4c470cf68874cbe0602931e93ea6db5a_icedid
Size

25.0MB
MD5

4c470cf68874cbe0602931e93ea6db5a
SHA1

926fe601daf08c1dc4e4ecba5afb86790ec75d9a
SHA256

58d5d757aef247337074438295a67ac052b1fe925e38c42d19e6b17d11954117
SHA512

27212e043dcc363dc75a1d1d20373d739292f7cbaf334307f7c04b338b07f43bfe80ba116047f370374f37a736e5da427b78a863e6bd775e6ff5143a725ad2cd
SSDEEP

786432:1Ghcxuer8FV3RNsH/k6hIKxKCnwxbpvrt:n/dhrII4bpvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-03_4c470cf68874cbe0602931e93ea6db5a_icedid

Files

2024-02-03_4c470cf68874cbe0602931e93ea6db5a_icedid
.exe windows:4 windows x86 arch:x86

3620b080c43396160cfc93ce9c732c29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\packager-r1.4-trunk\Packager\trunk\Source\Release\MetaInstaller.pdb

Imports

gdi32

GetStockObject

advapi32

RegQueryValueExA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

rpcrt4

UuidFromStringA

shlwapi

StrStrIW

kernel32

GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
lstrcpyA
SetEvent
Sleep
CloseHandle
WaitForSingleObject
CreateEventA
GetLastError
lstrlenA
lstrcatA
GetModuleFileNameA
GetCommandLineA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetExitCodeProcess
CreateProcessA
MoveFileA
GetShortPathNameA
lstrcpynA
GetTimeFormatA
GetDateFormatA
CreateDirectoryA
GetFileAttributesA
GetCurrentDirectoryA
GetSystemTime
GetWindowsDirectoryA
GetEnvironmentVariableA
GetCurrentProcess
WritePrivateProfileStringA
lstrcmpiA
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
LockResource
LoadResource
FindResourceA
RemoveDirectoryA
FindClose
FindNextFileA
lstrcmpA
DeleteFileA
FindFirstFileA
ResetEvent
DeleteCriticalSection
FlushFileBuffers
GetTickCount
GetDiskFreeSpaceExA
InitializeCriticalSection
GetVersionExA
GetSystemDirectoryA
FreeLibrary
CompareStringA
GetModuleHandleA
LoadLibraryA
InterlockedExchange
SetLastError
LocalAlloc
LocalFree
GetProcAddress
RaiseException
GetLocaleInfoA
GetUserDefaultLCID
SetEnvironmentVariableA
LCMapStringA
SetConsoleCtrlHandler
GetStringTypeA
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
HeapReAlloc
VirtualAlloc
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
GetOEMCP
GetACP
ExitProcess
GetCurrentThread
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
ExitThread
GetCurrentThreadId
CreateThread
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap

user32

MessageBoxA
ExitWindowsEx
CharNextA
wsprintfA
LoadIconA
LoadCursorA
RegisterClassA
CreateDialogParamA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
PostQuitMessage
ShowWindow
SetTimer
DefDlgProcA
GetClientRect
DialogBoxParamA
EndDialog
GetDlgItem
LoadStringA
SetWindowTextA
SetForegroundWindow
SetFocus
GetParent
GetDesktopWindow
GetWindowRect
CopyRect
SetWindowPos
InvalidateRect
SetDlgItemTextA
MoveWindow
PostMessageA
OffsetRect

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3620b080c43396160cfc93ce9c732c29

Headers

File Characteristics

PDB Paths

Imports

gdi32

advapi32

version

rpcrt4

shlwapi

kernel32

user32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 12KB - Virtual size: 11KB