2024-02-04_c5701e45a688fe9e22a5eb2b3c67060b_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-04_c5701e45a688fe9e22a5eb2b3c67060b_icedid
Size

4.5MB
MD5

c5701e45a688fe9e22a5eb2b3c67060b
SHA1

6e432a0ea54c1c7ef921acf92b6202b0db66466d
SHA256

e3f5003e95d51cc1258ac59201ea49095bda3343a1bcda0d900f5c589c6a99d1
SHA512

9d968fa6ed4e9bbea3e5595ffd086c4704eebd7eb046b7c9e3a2f3997153c2d75315ea229b41c0166ce416534ebc9637c095743041a3cb31f707540781c3cbce
SSDEEP

98304:mv/Xn9uf8zQQXMsO2ZEdRlkzT90nTSnIcKgj4:S97Er9Bd2NIgU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-04_c5701e45a688fe9e22a5eb2b3c67060b_icedid

Files

2024-02-04_c5701e45a688fe9e22a5eb2b3c67060b_icedid
.exe windows:4 windows x86 arch:x86

c4eeddef43ad60003bf3e37f28a3a64d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohs
ntohl
inet_addr
WSAStartup
setsockopt
socket
closesocket
bind
htons
gethostbyname
ioctlsocket
getsockopt
WSACleanup
__WSAFDIsSet
select
WSAGetLastError
connect
recv
recvfrom
send
sendto
WSAEventSelect
gethostname
shutdown
WSAIoctl
htonl

kernel32

CreateFileW
FindResourceExW
SetErrorMode
GetStartupInfoW
RtlUnwind
HeapFree
HeapAlloc
TerminateProcess
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
IsBadReadPtr
HeapReAlloc
ExitThread
CreateThread
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetCurrentProcessId
GetOEMCP
GetCPInfo
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
lstrcmpiW
RaiseException
VirtualProtect
InterlockedDecrement
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
LoadLibraryA
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
GetModuleHandleA
SetLastError
MulDiv
lstrcpyW
lstrlenW
GlobalAlloc
FormatMessageW
lstrcpynW
LocalFree
GlobalFree
FreeResource
GlobalLock
GlobalUnlock
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
WideCharToMultiByte
GetTickCount
GetCurrentThreadId
GetLastError
InterlockedIncrement
WaitForMultipleObjects
GetModuleFileNameW
MultiByteToWideChar
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
SetEvent
CloseHandle
DeleteCriticalSection
CreateEventW
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
ExitProcess

user32

wsprintfW
GetAsyncKeyState
MapDialogRect
DestroyMenu
GetSysColorBrush
LoadCursorW
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuW
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MessageBoxW
GetKeyState
SetForegroundWindow
UpdateWindow
GetClassInfoW
RegisterClassW
UnregisterClassW
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
PtInRect
GetWindow
GetSysColor
EndPaint
BeginPaint
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CopyRect
RegisterWindowMessageW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetClassNameW
GetClassLongW
GetWindowLongW
GetScrollInfo
GetWindowRgn
MapWindowPoints
IsWindow
SetWindowRgn
OffsetRect
GetSystemMetrics
IsMenu
AdjustWindowRectEx
GetClientRect
GetMenu
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
IsWindowVisible
InvalidateRect
MonitorFromWindow
MessageBeep
LoadImageW
GetWindowRect
GetParent
LoadAcceleratorsW
PostMessageW
GetDlgItem
LoadIconW
SendMessageW
KillTimer
SetTimer
EnableMenuItem
DeleteMenu
TranslateAcceleratorW
EnableWindow
ReleaseDC
GetMessagePos

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
CreateFontIndirectW
SelectObject
OffsetViewportOrgEx
DPtoLP
EnumFontFamiliesExW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetObjectW
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
FillRgn
OffsetRgn
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateRectRgn
GetPixel
BitBlt
CreateCompatibleDC
CreatePolygonRgn
CreateCompatibleBitmap
CreateBitmap
SetViewportOrgEx

comdlg32

GetOpenFileNameW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyExW
RegCloseKey
RegNotifyChangeKeyValue
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RegQueryValueExW

shell32

ShellExecuteW

comctl32

ord17
ImageList_Destroy
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

shlwapi

PathFindExtensionW
PathFindFileNameW

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString

Sections

.text
Size: 508KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4eeddef43ad60003bf3e37f28a3a64d

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 508KB - Virtual size: 504KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 16KB - Virtual size: 37KB

.rsrc Size: 3.9MB - Virtual size: 3.9MB

.text
Size: 508KB - Virtual size: 504KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 16KB - Virtual size: 37KB

.rsrc
Size: 3.9MB - Virtual size: 3.9MB