2024-02-14_2b2d2c5da39e06c3ed71deefc5caaf34_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-14_2b2d2c5da39e06c3ed71deefc5caaf34_icedid
Size

883KB
MD5

2b2d2c5da39e06c3ed71deefc5caaf34
SHA1

5fedc4fa950018ccf857bc3f49697ed59e8d1547
SHA256

579128fdb88858d832c9874f2eb5469b6aa6969f5f671882fdec805f4520930c
SHA512

d85720a916bfdafc232e1dcbd4bd3eb872a83cbe5be6c07e33456d2ae996131ecdf7f0bff77984846e4f80e4f4fc66833e20a8a360baf4d92d09759c3ad2f0d2
SSDEEP

12288:5o/v8fpEEiYclnJphhYpUVM9ZfXJuvIqBONPZMs6zRrHNlIf3Kflc1y:5oH8fpEEbclnnhgUArsO9ZCzl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-14_2b2d2c5da39e06c3ed71deefc5caaf34_icedid

Files

2024-02-14_2b2d2c5da39e06c3ed71deefc5caaf34_icedid
.exe windows:5 windows x86 arch:x86

b948d9c0c6016890c10412c9c330783e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Construct Compile\Runtime\PreviewRelease.pdb

Imports

dinput8

DirectInput8Create

kernel32

GetSystemTimeAsFileTime
RemoveDirectoryA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
VirtualAlloc
HeapReAlloc
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
GetTickCount
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
CreateFileA
WriteFile
CloseHandle
SetCurrentDirectoryA
DeleteFileA
SearchPathA
GetTempPathA
GetLongPathNameA
GetTempFileNameA
CreateDirectoryA
GetLastError
GetModuleHandleA
FreeLibrary
GetSystemInfo
GetModuleFileNameA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringA
LocalAlloc
LocalFree
InterlockedExchange
RaiseException
lstrlenA
MultiByteToWideChar
FormatMessageA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalFlags
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
SetLastError
GlobalFree

user32

PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ValidateRect
ClientToScreen
DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetDC
ReleaseDC
GetSysColorBrush
IsWindowEnabled
RegisterWindowMessageA
WinHelpA
GetCapture
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
RemovePropA
GetFocus
IsWindow
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
GetSysColor
GetCursorPos
CopyRect
PtInRect
GetDlgCtrlID
SendMessageA
CallWindowProcA
GetMenu
GetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetMenuState
SetWindowsHookExA
ScreenToClient
DefWindowProcA
GetWindowRect
LoadImageA
GetAsyncKeyState
MessageBoxA
SetWindowTextA
SetCursor
LoadCursorA
SetMenu
EnumDisplaySettingsA
GetClientRect
DestroyWindow
LoadIconA
GetSystemMetrics
RegisterClassExA
CreateWindowExA
SetWindowLongA
SetRect
LoadStringA
PeekMessageA
TranslateMessage
GetMenuItemID
GetMenuItemCount
GetSubMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetWindowTextA
ShowWindow
SetWindowPos
DispatchMessageA
GetPropA

gdi32

SetMapMode
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RestoreDC
SaveDC
ExtTextOutA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

SHFileOperationA
ShellExecuteA

comctl32

InitCommonControlsEx
ord17

winmm

PlaySoundA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b948d9c0c6016890c10412c9c330783e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dinput8

kernel32

user32

gdi32

winspool.drv

shell32

comctl32

winmm

oleaut32

Sections

.text Size: 525KB - Virtual size: 524KB

.rdata Size: 132KB - Virtual size: 132KB

.data Size: 12KB - Virtual size: 36KB

.rsrc Size: 213KB - Virtual size: 212KB

.text
Size: 525KB - Virtual size: 524KB

.rdata
Size: 132KB - Virtual size: 132KB

.data
Size: 12KB - Virtual size: 36KB

.rsrc
Size: 213KB - Virtual size: 212KB