2024-02-03_b23a19cd94739bd4f4261cd5d556d4ec_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-03_b23a19cd94739bd4f4261cd5d556d4ec_icedid
Size

232KB
MD5

b23a19cd94739bd4f4261cd5d556d4ec
SHA1

88372bdb29b432511a16c862f112d0271f3f4de7
SHA256

31e2b32c754d371aac2ed1f48ad7a121cd5afda07c643ccaa2ad89c19ffc5fee
SHA512

e14b5bb63dc8b16ff377e45356ba98fe2b3273f91d7602bd7f6bb12185596b2028d5613ae62b3948e16c7092c205c7031966271da2c0519397854dae6b91c758
SSDEEP

6144:bSNKe/AkCmUbGizJBt5Im2vKkbcBBTUh:bS83k6bGiVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-03_b23a19cd94739bd4f4261cd5d556d4ec_icedid

Files

2024-02-03_b23a19cd94739bd4f4261cd5d556d4ec_icedid
.exe windows:4 windows x86 arch:x86

d9fa839c9025c32b3f39b9db965478cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Buildsrc\Wps_7.0_sp2\Wfwi\WiseRemoteCompress\Release\WiseRemoteCompress.pdb

Imports

kernel32

SetEndOfFile
GetCPInfo
GetOEMCP
SetErrorMode
ExitProcess
RtlUnwind
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
GetStartupInfoA
GetFileType
GetSystemTimeAsFileTime
SetStdHandle
ExitThread
TerminateProcess
HeapSize
HeapDestroy
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
LocalAlloc
InterlockedIncrement
GlobalReAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
InterlockedDecrement
GlobalAddAtomA
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
SuspendThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
MulDiv
lstrcpynA
GetCurrentProcessId
GetProcessHeap
HeapAlloc
HeapFree
FlushFileBuffers
FreeResource
GlobalFree
lstrcatA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
LocalFree
FormatMessageA
GlobalAlloc
GlobalLock
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
SetFilePointer
GetSystemInfo
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
DeleteFileA
SetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
SetFileAttributesA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileInformationByHandle
GetLocalTime
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileAttributesA
GetModuleFileNameA
CreateMailslotA
GetMailslotInfo
Sleep
CreateFileA
ReadFile
GetTickCount
lstrcpyA
GetFileSize
WriteFile
FindResourceA
LoadResource
LockResource
SizeofResource
QueryPerformanceFrequency
QueryPerformanceCounter
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
PulseEvent
InterlockedExchange
ResetEvent
CreateThread
SetEvent
WaitForSingleObject
WaitForMultipleObjects
CloseHandle
CreateEventA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapCreate

user32

SetFocus
IsWindowEnabled
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
GetWindowLongA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
GetKeyState
ValidateRect
GetMenuState
LoadCursorA
UpdateWindow
GetClassNameA
DestroyWindow
GetMenuItemID
SetForegroundWindow
SetWindowPos
GetMenuItemCount
GetWindow
GetSysColor
GetDC
ReleaseDC
EndDialog
GetDesktopWindow
MessageBoxA
PeekMessageA
IsWindowVisible
GetParent
GetWindowRect
GetSystemMetrics
EnableWindow
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassA
CreateWindowExA
SetTimer
GetFocus
GetWindowTextA
GetWindowTextLengthA
PostMessageA
SetCursor
GetLastActivePopup
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
DefWindowProcA
GetCursorPos
TrackPopupMenu
PostQuitMessage
ShowWindow
LoadIconA
LoadMenuA
GetSubMenu
wsprintfA
UnregisterClassA
SetMenuItemBitmaps
UnhookWindowsHookEx
CopyRect
DestroyMenu
SystemParametersInfoA
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
GetNextDlgTabItem
IsWindow
CreateDialogIndirectParamA
SetActiveWindow
PtInRect
GetWindowPlacement
CallWindowProcA
GetClassInfoA
AdjustWindowRectEx
GetMenu
MapWindowPoints
GetMessageTime
GetTopWindow
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassInfoExA
GetClassLongA
GetCapture
WinHelpA
GetMessagePos

gdi32

TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA
CreateBitmap
SelectObject
GetObjectA
GetDeviceCaps
DeleteObject
GetStockObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegDeleteKeyA
RegCloseKey

shell32

Shell_NotifyIconA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantInit
VariantChangeType
VariantClear

Exports

Exports

_NotifyWndProc@16

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9fa839c9025c32b3f39b9db965478cc

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 32KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 32KB

.rsrc
Size: 24KB - Virtual size: 20KB