2024-02-04_6ab8a2125286c69940980cf2243eb0bf_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-04_6ab8a2125286c69940980cf2243eb0bf_icedid
Size

1.9MB
MD5

6ab8a2125286c69940980cf2243eb0bf
SHA1

80fe1f9c9f9b05ac6fe81921054c9c764dc67a78
SHA256

ac83c378845e4118089deb408352a8abddd8367d707b22d07a441dcdb2ddc2e2
SHA512

3957d6a65c54df4d9d6f565a88d03215f2598486ab98267d97d215d41bc36b8e1c853458611b6ecd5e6ec1cd312a1c41b44781269463ff57d8e2842368761f51
SSDEEP

49152:6CMPjNkMDQFKqkN1h3ccFuSQ4Djx5kJbjhbAT8KdVYnsXayDWKx/06Neg+pal:cjNkYQnkX6cFuSQcjxiJbtbATpwsXayj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-04_6ab8a2125286c69940980cf2243eb0bf_icedid

Files

2024-02-04_6ab8a2125286c69940980cf2243eb0bf_icedid
.exe windows:5 windows x86 arch:x86

36797b6d50ff4cc8d45ee625e968ecce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
GetStdHandle
CreateFileW
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
IsDebuggerPresent
GetDriveTypeW
GetConsoleCP
GetConsoleMode
GetProcessHeap
GetExitCodeProcess
CreateProcessA
WriteConsoleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
GetSystemTimeAsFileTime
HeapQueryInformation
HeapSize
GetFileType
SetStdHandle
HeapReAlloc
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
SizeofResource
RaiseException
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
DecodePointer
EncodePointer
SetEnvironmentVariableA
CompareStringW
RemoveDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetNumberFormatA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetTempFileNameA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
SetErrorMode
GetACP
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
LoadLibraryExA
lstrcmpA
LCMapStringW
IsProcessorFeaturePresent
HeapFree
GetStringTypeW
GetModuleHandleW
InterlockedExchange
InterlockedIncrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetProfileIntA
GetTickCount
GetModuleFileNameA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
DeleteFileA
CreateFileA
lstrcmpiA
GetThreadLocale
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
FindResourceA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FreeLibrary
lstrcmpW
GetCurrentThreadId
ResumeThread
SetThreadPriority
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
OpenFileMappingA
GlobalAlloc
lstrcpyA
GetCurrentProcessId
FileTimeToSystemTime
GetSystemTime
GetTempPathA
GetVolumeInformationA
CreateDirectoryA
WaitForSingleObject
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLocaleInfoA
lstrcpynA
GetFullPathNameA
MultiByteToWideChar
GetCurrentProcess
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
WinExec
GlobalSize
CreateFileMappingA
MapViewOfFile
GetLastError
UnmapViewOfFile
GlobalUnlock
CopyFileA
Sleep
InterlockedDecrement
GlobalLock
GlobalFree
TerminateProcess
CloseHandle
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
GetTimeZoneInformation

user32

IsMenu
UpdateLayeredWindow
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
SetClassLongA
NotifyWinEvent
DestroyAcceleratorTable
SetWindowRgn
IsZoomed
MessageBeep
GetNextDlgGroupItem
PostThreadMessageA
WaitMessage
UnionRect
SetParent
DeleteMenu
InvalidateRgn
CopyAcceleratorTableA
UnregisterClassA
IsClipboardFormatAvailable
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
WindowFromPoint
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
ShowOwnedPopups
PostQuitMessage
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
CharNextA
IntersectRect
IsRectEmpty
InflateRect
MapVirtualKeyA
GetKeyNameTextA
LoadBitmapA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
TabbedTextOutA
CharUpperA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
CopyRect
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetMenuState
GetMenuStringA
GetMenuItemID
CreateMenu
SetMenuDefaultItem
FrameRect
GetUpdateRect
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExA
InsertMenuA
GetMenuItemCount
RemoveMenu
SetCursor
GetSystemMetrics
GetWindowLongA
SetWindowLongA
ReleaseCapture
LoadIconW
LoadCursorA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
ShowWindow
SetClipboardData
LoadCursorW
GetForegroundWindow
SetForegroundWindow
SetActiveWindow
GetActiveWindow
KillTimer
SetTimer
IsWindowVisible
InvalidateRect
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
LoadBitmapW
PtInRect
GetClientRect
GetWindowRect
GetCursorPos
LoadMenuW
GetSubMenu
EnableMenuItem
OpenClipboard
EmptyClipboard
CloseClipboard
RedrawWindow
GetIconInfo
GetSysColor
GetWindowTextA
LoadStringA
DrawIconEx
DestroyIcon
SetCapture
ReleaseDC
GetDC
ClientToScreen
FillRect
OffsetRect
SetRectEmpty
SetRect
GetAsyncKeyState
EnableWindow
GetWindow
EnumWindows
GetWindowThreadProcessId
SendMessageA
DrawTextA

gdi32

CreatePen
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetBkColor
GetTextColor
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
GetObjectType
SelectPalette
StretchBlt
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
CreateRectRgn
SelectClipRgn
OffsetRgn
DeleteObject
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
BitBlt
GetWindowExtEx
SetDIBColorTable
CreateCompatibleBitmap
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
CreateSolidBrush
GetDeviceCaps
TextOutA
GetTextExtentPoint32A
ExtTextOutA
SetPixel
GetPixel
GetObjectA
CreateFontIndirectA
Rectangle
CreateCompatibleDC
GetViewportExtEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteA
SHAppBarMessage
SHGetPathFromIDListA
DragQueryFileA
DragFinish
SHGetFileInfoA

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW

ole32

CoInitializeEx
CoRegisterMessageFilter
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
OleGetClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleLockRunning
IsAccelerator
CoInitialize
CoUninitialize
CoCreateInstance
OleTranslateAccelerator
OleIsCurrentClipboard
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleFlushClipboard

oleaut32

SysFreeString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysAllocString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen

oledlg

ord8

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36797b6d50ff4cc8d45ee625e968ecce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 293KB - Virtual size: 292KB

.data Size: 33KB - Virtual size: 63KB

.rsrc Size: 335KB - Virtual size: 334KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 293KB - Virtual size: 292KB

.data
Size: 33KB - Virtual size: 63KB

.rsrc
Size: 335KB - Virtual size: 334KB