2024-02-18_7b0318e6f35242b38ed12539e2102295_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-18_7b0318e6f35242b38ed12539e2102295_icedid
Size

518KB
MD5

7b0318e6f35242b38ed12539e2102295
SHA1

3074816bead9fe5a75eb503448ad81ea14f1f3aa
SHA256

6aefa073c6698224d788c396e0e7b9c13af33720ee784bfd3a43dc528b4ad390
SHA512

b9a16f1fbb8bce4cd2f29c66d51fef63178db1515fc229c8e4191823b62abc68779a3e12bbd4522dbe353ee564eae5d4183fa9d21958103397d2b1a2289f9a4c
SSDEEP

12288:thCzGcNHZxGMsWxWNxTH0k40FnTCJOz4vy+Nh:H2e6xUTH0gFGJE4Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-18_7b0318e6f35242b38ed12539e2102295_icedid

Files

2024-02-18_7b0318e6f35242b38ed12539e2102295_icedid
.exe windows:5 windows x86 arch:x86

ed961525d73702ca91335cbe773c0086

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA

kernel32

GetFileTime
SetErrorMode
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapFree
GetCommandLineA
GetStartupInfoA
HeapAlloc
Sleep
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
GetACP
GetFileSizeEx
GetStdHandle
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetFileAttributesA
FileTimeToLocalFileTime
GetOEMCP
GetCPInfo
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetModuleHandleW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
WritePrivateProfileStringA
InterlockedDecrement
GetModuleFileNameW
GetThreadLocale
InterlockedIncrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalAddAtomA
WaitForSingleObject
CloseHandle
SetLastError
GlobalFree
GlobalUnlock
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
FormatMessageA
GetUserDefaultLangID
FreeResource
FindFirstFileA
FileTimeToSystemTime
FindClose
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileStringA
GetTickCount
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
IsValidCodePage

user32

RegisterClipboardFormatA
PostThreadMessageA
LoadCursorA
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
CharNextA
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
UnregisterClassA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CharUpperA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
GetSysColorBrush
ReleaseCapture
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemCount
PostQuitMessage
RegisterWindowMessageA
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
LoadMenuA
GetSubMenu
GetMenuItemID
SetWindowLongA
CallWindowProcA
PostMessageA
GetSystemMetrics
LoadIconA
EnableWindow
SetTimer
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
FindWindowA
ShowWindow
SetForegroundWindow
UpdateWindow

gdi32

ScaleWindowExtEx
GetWindowExtEx
ExtSelectClipRgn
DeleteDC
SetWindowExtEx
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetDeviceCaps
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetTextColor
GetBkColor
GetStockObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

Shell_NotifyIconA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SafeArrayDestroy
VariantCopy
SysAllocString
OleCreateFontIndirect
VariantInit
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
SysStringLen
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear

ws2_32

select
gethostbyname
htonl
htons
inet_addr
bind
WSAGetLastError
socket
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
accept
closesocket
WSACleanup
WSAStartup

Sections

.text
Size: 397KB - Virtual size: 397KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed961525d73702ca91335cbe773c0086

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 397KB - Virtual size: 397KB

.rdata Size: 87KB - Virtual size: 87KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 397KB - Virtual size: 397KB

.rdata
Size: 87KB - Virtual size: 87KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 19KB - Virtual size: 19KB