2024-02-17_d100bb5cdd2d7c326a639c56d1e983c4_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-17_d100bb5cdd2d7c326a639c56d1e983c4_icedid
Size

344KB
MD5

d100bb5cdd2d7c326a639c56d1e983c4
SHA1

e09f4706f1e43052f8fb4db7c6076d0aa1439f6a
SHA256

9a87e211d8ff56d851396a266b17d3dc91cfba42238702189c7fe52f735eeb11
SHA512

b6b1aa2224d9d3e1e3296a1471a9d23829fd4e4bcfa3ffe97383a7ab64c8586d658197c46141c366284d613ae5d35fbe182f2f286d7e69751e3b641710f88314
SSDEEP

6144:29cfDFp5BrUphGDIfctVS54VEfibkvhKcmYikR6Yo7Ff3abF:zfDFp5BrUphGDIU3SaafibkJ5rop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-17_d100bb5cdd2d7c326a639c56d1e983c4_icedid

Files

2024-02-17_d100bb5cdd2d7c326a639c56d1e983c4_icedid
.exe windows:4 windows x86 arch:x86

dcf2e2fabf8ba7783630d07207685ac4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
RtlUnwind
GetTimeFormatA
GetDateFormatA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WritePrivateProfileStringA
FileTimeToSystemTime
RaiseException
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
DeviceIoControl
GetTickCount
GetPrivateProfileIntA
GetPrivateProfileStringA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
CallNamedPipeA
CreateFileA
WriteFile
ReadFile
GetLastError
CloseHandle
DeleteFileA
LoadLibraryA
FreeLibrary
GetLocalTime
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
InterlockedDecrement
InterlockedIncrement

user32

RegisterClipboardFormatA
PostThreadMessageA
ReleaseCapture
SetCapture
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
SetCursor
PostQuitMessage
GetActiveWindow
CreateDialogIndirectParamA
EndDialog
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
ReleaseDC
GetDC
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsWindow
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetScrollPos
IsWindowVisible
GetMenu
PtInRect
SendMessageA
PostMessageA
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
SetActiveWindow
GetDesktopWindow
GetNextDlgTabItem
GetParent
SetForegroundWindow
GetSystemMetrics
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
GetWindowLongA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
SetWindowPos
OffsetRect
IntersectRect
GetWindowPlacement
GetWindow
CallWindowProcA
CharUpperA
SystemParametersInfoA
WindowFromPoint
IsRectEmpty
CharNextA
GetClassInfoExA
GetFocus
GetCursorPos
EnableWindow
GetKeyState
LoadCursorA
DrawFrameControl
FillRect
DrawFocusRect
HideCaret
ShowCaret
GetSysColor
BringWindowToTop
ShowWindow
FindWindowA
LoadIconA
RegisterClassA
DefDlgProcA
DrawIcon
AppendMenuA
GetSystemMenu
IsIconic
SetTimer
KillTimer
SetWindowLongA
wsprintfA
CopyRect
InflateRect

gdi32

CreateSolidBrush
GetMapMode
GetTextColor
GetRgnBox
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
PtVisible
ExtTextOutA
TextOutA
GetBkColor
GetStockObject
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
RectVisible

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

comctl32

ord17
ImageList_Draw
ImageList_Destroy
ImageList_LoadImageA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoTaskMemFree
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoTaskMemAlloc
OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect

Sections

.text
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcf2e2fabf8ba7783630d07207685ac4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 248KB - Virtual size: 244KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 12KB - Virtual size: 30KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 248KB - Virtual size: 244KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 12KB - Virtual size: 30KB

.rsrc
Size: 24KB - Virtual size: 22KB