2024-02-04_bdd9f5c5a1b27e5fe16763f452a2a7e2_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-04_bdd9f5c5a1b27e5fe16763f452a2a7e2_icedid
Size

784KB
MD5

bdd9f5c5a1b27e5fe16763f452a2a7e2
SHA1

8395f0a212c942bbf7d181db84b635b25c753fe0
SHA256

f1130070243ff8671802a51b2d9f876edd5d0cfd0d96598c5485ba601df36ef2
SHA512

292fcc26651eaedb0b18cb9bc357b6673a0e078c406665613a486397d68e253668ebaa399a67aaeccc584854441fb0b2be61d0203fa1de7951fdc9aaf64db935
SSDEEP

24576:/SP3SXHj4e8vYg71/pCV7iOmtTxyKCm7CMW23xY3qr:7jHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-04_bdd9f5c5a1b27e5fe16763f452a2a7e2_icedid

Files

2024-02-04_bdd9f5c5a1b27e5fe16763f452a2a7e2_icedid
.exe windows:4 windows x86 arch:x86

d7629cf89f4ffd412ef193210dcde196

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
InterlockedExchange
CompareStringA
FreeLibrary
LoadLibraryA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
Sleep
InterlockedDecrement
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetOEMCP
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetDriveTypeA
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
LCMapStringA
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapReAlloc
TerminateProcess
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
LocalFileTimeToFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
SystemTimeToFileTime
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
FindClose
GetCurrentThreadId
WriteFile
SetFilePointer
CloseHandle
SetFileTime
GetCurrentProcess
GetTickCount
LocalFree
lstrlenA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GlobalFree
GlobalLock
GlobalAlloc
GlobalUnlock
ReadFile
GetFileSize
GetACP
GetLocaleInfoA
GetThreadLocale
FreeResource
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
MulDiv
GetVersionExA

advapi32

SetFileSecurityW
GetFileSecurityW
RegCloseKey

user32

GetWindowRect
GetClientRect
InvalidateRect
RedrawWindow
GetCapture
SetCapture
GetParent
SetForegroundWindow
DestroyCursor
SetCursor
ReleaseCapture
PtInRect
GetFocus
TranslateMessage
GetKeyState
SetMenu
GetMenu
MessageBoxA
SetTimer
FillRect
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
TrackPopupMenuEx
DestroyIcon
SetMenuInfo
GetMenuInfo
SetWindowPos
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
IsWindowVisible
GetScrollPos
EnumWindows
CreatePopupMenu
DeleteMenu
RemoveMenu
GetSystemMenu
EnableMenuItem
ScreenToClient
GetDesktopWindow
WindowFromPoint
CallNextHookEx
UnhookWindowsHookEx
AnimateWindow
GetMessageTime
GetMessagePos
SubtractRect
ClientToScreen
IsIconic
IsZoomed
DrawFrameControl
MapWindowPoints
KillTimer
SetFocus
keybd_event
DrawIconEx
ShowWindow
FrameRect
EndDialog
GetNextDlgTabItem
InflateRect
GetDlgItem
DestroyWindow
SetActiveWindow
OffsetRect
PostQuitMessage
ShowOwnedPopups
ValidateRect
GetCursorPos
GetMenuCheckMarkDimensions
CheckMenuItem
SetMenuItemBitmaps
GetWindow
GetWindowPlacement
SystemParametersInfoA
GetDlgCtrlID
SetWindowPlacement
GetDC
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
ShowScrollBar
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
ScrollWindow
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetLastActivePopup
IsChild
SendDlgItemMessageA
SetScrollInfo
DestroyMenu
SetRect
DrawIcon
SetWindowRgn
GetWindowDC
BeginPaint
EndPaint
DrawMenuBar
BringWindowToTop
TranslateMDISysAccel
ReuseDDElParam
UnpackDDElParam
SetCursorPos
GetTabbedTextExtentA
GetSysColorBrush
SetParent
CreateMenu
GetDCEx
LockWindowUpdate
ReleaseDC
GetSysColor
GetSystemMetrics
IntersectRect
EqualRect
CopyRect
SetRectEmpty
IsRectEmpty
IsWindow
UpdateWindow
GetActiveWindow
UnionRect
IsWindowEnabled
MoveWindow

gdi32

SetRectRgn
GetWindowOrgEx
GetTextExtentPoint32A
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
StretchDIBits
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
SetAbortProc
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
LineTo
MoveToEx
Arc
CreatePen
CreateSolidBrush
GetDeviceCaps
GetViewportExtEx
DPtoLP
LPtoDP
SelectObject
DeleteObject
CreateRectRgnIndirect
CreateEllipticRgnIndirect
CreatePolygonRgn
CombineRgn
GetBkColor
PaintRgn
Ellipse
BeginPath
EndPath
FillPath
GetViewportOrgEx
GetRgnBox
GetCurrentObject
CreateRectRgn
OffsetViewportOrgEx
SetViewportOrgEx
EndPage
StartPage
Rectangle
SetBkColor
SetTextColor
CreateBitmap
Escape
RectVisible
PtVisible
GetStockObject
BitBlt
PatBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetClipBox
ScaleWindowExtEx
GetPixel
GetWindowExtEx
SelectClipRgn
SetTextAlign
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateEllipticRgn
DeleteDC
EndDoc
AbortDoc

shell32

SHGetMalloc
DragAcceptFiles
DragFinish
SHGetSpecialFolderLocation

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_Create
ImageList_LoadImageW
ImageList_GetImageInfo
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_AddMasked
ord17
ImageList_Remove

shlwapi

PathRemoveExtensionW
PathFindExtensionW
PathStripToRootW
PathFindFileNameW
PathIsUNCW

ole32

OleInitialize
CoCreateInstance
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor

oleaut32

VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError

winspool.drv

ClosePrinter

Sections

.text
Size: 464KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7629cf89f4ffd412ef193210dcde196

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

shell32

comctl32

shlwapi

ole32

oleaut32

comdlg32

winspool.drv

Sections

.text Size: 464KB - Virtual size: 460KB

.rdata Size: 120KB - Virtual size: 118KB

.data Size: 12KB - Virtual size: 32KB

.rsrc Size: 184KB - Virtual size: 181KB

.text
Size: 464KB - Virtual size: 460KB

.rdata
Size: 120KB - Virtual size: 118KB

.data
Size: 12KB - Virtual size: 32KB

.rsrc
Size: 184KB - Virtual size: 181KB