2024-02-04_a3113c49e2225c670bea4dfcfd4d1dbc_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-04_a3113c49e2225c670bea4dfcfd4d1dbc_icedid
Size

1.3MB
MD5

a3113c49e2225c670bea4dfcfd4d1dbc
SHA1

f7107f940bf81c0186a29e8345c94c41a7953cb6
SHA256

1c84830def7d94b1d7fe4a4ac4ba4e1ced3fa89378ecd8ded0f409286028f6d9
SHA512

41b6c156a47c3db4956b3407e3b8b5f3f5fe030884b8e89afde8084d09535e923889ca788c9590c637829e611d419e77c173e36f02128f3607d7999b1caf8d0b
SSDEEP

24576:8KcSrlI0vra+uOvEuXREIDTiX+W316wDE:8KcSrlI0DMzuh/DWX+W31ZDE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-04_a3113c49e2225c670bea4dfcfd4d1dbc_icedid

Files

2024-02-04_a3113c49e2225c670bea4dfcfd4d1dbc_icedid
.exe windows:4 windows x86 arch:x86

3d9e16c88213b4bf6d8b493a4a9cff90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHGetValueW
SHRegOpenUSKeyW
SHRegEnumUSKeyW

kernel32

GetFileTime
GetStartupInfoW
RtlUnwind
ExitThread
CreateThread
FindNextFileW
HeapReAlloc
ExitProcess
TerminateProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
FileTimeToLocalFileTime
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GlobalFlags
lstrcmpiW
WritePrivateProfileStringW
InterlockedIncrement
RaiseException
FileTimeToSystemTime
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFindAtomW
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
GlobalAddAtomW
GetCurrentThread
GetCurrentThreadId
lstrcmpW
GlobalDeleteAtom
GetModuleFileNameW
GetModuleHandleW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
GlobalFree
MulDiv
lstrcpyW
FormatMessageW
lstrcpynW
LocalFree
lstrlenW
WideCharToMultiByte
InterlockedDecrement
CreateFileW
WriteFile
GetFileAttributesW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
GetCommandLineW
CreateDirectoryW
MultiByteToWideChar
FreeLibrary
LoadLibraryW
GetProcAddress
ResetEvent
SetEvent
GetTickCount
CreateEventW
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
ResumeThread
GetCurrentProcess
GetEnvironmentStringsW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateProcessW
FreeEnvironmentStringsW
WaitForSingleObject
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
SetLastError
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetStartupInfoA

user32

PostThreadMessageW
RegisterClipboardFormatW
DestroyMenu
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
CharUpperW
wsprintfW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxW
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDlgItem
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
PostMessageW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
SetLayeredWindowAttributes
GetSystemMetrics
LoadIconW
EnableWindow
RedrawWindow
GetClientRect
GetWindowRect
IsIconic
SendMessageW
DrawIcon
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC

gdi32

GetMapMode
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetBkColor
GetWindowExtEx
GetViewportExtEx
GetStockObject
ExtSelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetWindowExtEx
BitBlt
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
DeleteDC
DeleteObject

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyW
RegCreateKeyExW

shell32

CommandLineToArgvW

comctl32

ord17

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleFlushClipboard
OleInitialize
OleIsCurrentClipboard

oleaut32

SysStringLen
SysAllocStringLen
VariantClear
OleCreateFontIndirect
VariantChangeType
VariantInit
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysFreeString
VariantCopy

gdiplus

GdiplusShutdown
GdipCreateFromHDC
GdipDrawImageRectI
GdipDeleteGraphics
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipLoadImageFromStreamICM
GdiplusStartup

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d9e16c88213b4bf6d8b493a4a9cff90

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB