2024-02-03_e5d75d7ad0147466d8f16247b6f14df8_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-03_e5d75d7ad0147466d8f16247b6f14df8_icedid
Size

352KB
MD5

e5d75d7ad0147466d8f16247b6f14df8
SHA1

8ad95e5bc6935ca6a65f3e7fa3bd3d11c9c60209
SHA256

e5ecf22a9e0cdc1b449f5c2794c17dd6171780c8cf0bc4653a7ba76b108a1a4b
SHA512

293e2d6cbe97efef1fc3a124fc613a32445988bf9364a298442e08c4b29611f47ece143a2d9563afb9175adde2e6750ebd4b5235fd04e205ce75fc26601d61ca
SSDEEP

6144:24L/dPJzJ52ymKaEmIRvztqL5KUbtP5JVL/VJtwIn0N:24L/dPJJFaE3R7tqL5HPdt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-03_e5d75d7ad0147466d8f16247b6f14df8_icedid

Files

2024-02-03_e5d75d7ad0147466d8f16247b6f14df8_icedid
.exe windows:4 windows x86 arch:x86

3b7d1c2759cb02f176089e9456d75ad8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Source code\PC apps\App Upgrade\MW Upgrade Esp Rls\Update.pdb

Imports

shfolder

SHGetFolderPathA

kernel32

RtlUnwind
GetTimeFormatA
GetDateFormatA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
IsBadReadPtr
ExitProcess
GetLocaleInfoW
SetEnvironmentVariableA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
MultiByteToWideChar
FindClose
DeleteFileA
FindFirstFileA
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
lstrcmpA
FindNextFileA
CopyFileA
RemoveDirectoryA
HeapFree
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
GetCurrentDirectoryA
GetModuleFileNameA
GetTickCount
GetFileTime
SetErrorMode
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedDecrement
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetProcAddress
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetTempPathA
CompareFileTime
GetModuleHandleA
IsBadCodePtr

user32

GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
SetWindowContextHelpId
MapDialogRect
ReleaseDC
GetDC
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
PostThreadMessageA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsChild
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SendMessageA
EnableWindow
CharUpperA
DrawIcon
AppendMenuA
GetSystemMenu
IsIconic
GetClientRect
UpdateWindow
InvalidateRect
LoadIconA
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
PostMessageA
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
wsprintfA
GetWindowTextLengthA
GetWindowTextA
RegisterClipboardFormatA
WinHelpA
GetSystemMetrics
MessageBeep
MessageBoxA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
SetFocus
GetWindow
SetMenuItemBitmaps

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
CreateBitmap
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
DeleteObject
SetMapMode
GetObjectA
SetBkColor
SetTextColor
GetClipBox
RestoreDC
SaveDC
ExtTextOutA
GetDeviceCaps
CreateRectRgnIndirect

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegQueryValueExA
GetUserNameA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

SysStringLen
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysFreeString

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b7d1c2759cb02f176089e9456d75ad8

Headers

File Characteristics

PDB Paths

Imports

shfolder

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 244KB - Virtual size: 240KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 36KB - Virtual size: 32KB