2024-02-17_c75dc1deff9de90e5491553149148916_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-17_c75dc1deff9de90e5491553149148916_icedid
Size

904KB
MD5

c75dc1deff9de90e5491553149148916
SHA1

224fd5a93f5ccbda3a844dd21b4c4fc08b521b5e
SHA256

fbcbfc95a42ec6cb9635f729b54c3107e11bee7f5c93430df9f8675dcd3d0e0d
SHA512

9840ef647fa9e55c35d67c84769b83e3d34e9bb3a3c36fbaf423393547064564fd148519e2e00eec9f317f7e9f17788e894046cfc0e739ea57535b032982f426
SSDEEP

6144:1hu0azmWjR8BFM3dejNGVpTaGeYPNdHxagTe8Xa6xuLOhFv0fkdLZ:1huqi8B1NGv+GbPNLagCu5Fv0fkd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-17_c75dc1deff9de90e5491553149148916_icedid

Files

2024-02-17_c75dc1deff9de90e5491553149148916_icedid
.exe windows:4 windows x86 arch:x86

668114bde19eef0a6ea60d8a865c0c2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSACleanup
gethostname

kernel32

RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
ExitProcess
ExitThread
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
SetErrorMode
CreateFileA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrcmpA
RaiseException
ResumeThread
InterlockedDecrement
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
SetLastError
GlobalFree
MulDiv
GlobalAlloc
lstrcpynA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
CreateThread
CreateNamedPipeA
ConnectNamedPipe
ReadFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
FormatMessageA
LocalFree
LoadResource
LockResource
SizeofResource
FindResourceA
GetLastError
GetModuleHandleA
GetCurrentProcess
SetPriorityClass
Sleep
WinExec
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
GetFileAttributesA
GetModuleFileNameA
lstrlenA
lstrcmpiA
WideCharToMultiByte
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
IsBadWritePtr

user32

GetSysColorBrush
ShowOwnedPopups
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ValidateRect
GetMenuItemInfoA
InflateRect
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
RegisterClassA
CallWindowProcA
GetWindowPlacement
PtInRect
GetMenuState
RegisterWindowMessageA
wsprintfA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
SetCursor
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemA
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
SetMenu
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
TranslateAcceleratorA
SetForegroundWindow
PostMessageA
GetMenuItemID
GetCursorPos
TrackPopupMenu
LoadMenuA
GetSubMenu
SetMenuDefaultItem
GetWindowLongA
SetWindowLongA
DestroyWindow
UnregisterClassA
LoadImageA
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
BeginPaint
GetClientRect
EndPaint
DefWindowProcA
LoadCursorA
DrawIcon
GetWindowRect
GetWindowDC
ReleaseDC
GetSystemMetrics
EnableWindow
SystemParametersInfoA
SendMessageA
LoadIconA
SetTimer
MessageBoxA
KillTimer
PeekMessageA
PostQuitMessage

gdi32

CreateSolidBrush
GetTextExtentPoint32A
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetStockObject
Rectangle
DeleteObject
CreateFontIndirectA
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateCompatibleBitmap
GetObjectA
CreateCompatibleDC
BitBlt
DeleteDC
CreatePen
SelectObject

comdlg32

CommDlgExtendedError
PrintDlgA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
OpenServiceA
OpenSCManagerA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
QueryServiceStatus
StartServiceA
ControlService
RegOpenKeyA
CloseServiceHandle
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA

shell32

DragFinish
DragQueryFileA
Shell_NotifyIconA

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

OleUninitialize
OleInitialize
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString

oleaut32

SystemTimeToVariantTime
SysAllocString
SysStringLen
SysFreeString
VariantInit
VariantChangeType
GetActiveObject
VariantClear

Sections

.text
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 432KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

668114bde19eef0a6ea60d8a865c0c2f

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 380KB - Virtual size: 377KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 432KB - Virtual size: 428KB

.text
Size: 380KB - Virtual size: 377KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 432KB - Virtual size: 428KB