2024-02-18_4014dd3efc7a0f26de49cbe3bb27c3b9_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-18_4014dd3efc7a0f26de49cbe3bb27c3b9_icedid
Size

172KB
MD5

4014dd3efc7a0f26de49cbe3bb27c3b9
SHA1

c58b7b8936c621cc7e3a93863776cf5e665451e8
SHA256

1bb78e7c1eec53ec446c379fe2f40d10e22739f6769071cf1a28e051bf70ad6d
SHA512

ff21a13b2432056b6a4f0bc7a81bf0564f20f352318ce66c83fd5f047eea124317680bca76b18cb3d483be02a648064fee5ee3cf75a1ff5c6c4db2f2a15ead5f
SSDEEP

3072:jVGFPI8xS2/3V/BSz8ox0mDnAOCjtlNxRG/lL4:hGFge/DSIOfDTwtrxA4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-18_4014dd3efc7a0f26de49cbe3bb27c3b9_icedid

Files

2024-02-18_4014dd3efc7a0f26de49cbe3bb27c3b9_icedid
.exe windows:4 windows x86 arch:x86

6a0aef0ad04341572a053a99c50eba28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrcmpW
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
WritePrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
HeapAlloc
GetFileTime
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
TerminateProcess
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
SetErrorMode
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCommandLineA
GetModuleHandleA
lstrlenA
lstrcpyA
lstrcatA
CreateFileA
CreateFileMappingA
GetFileSize
MapViewOfFile
CloseHandle
HeapFree
UnmapViewOfFile

user32

DestroyMenu
SetWindowTextA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetForegroundWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
CharUpperA
ShowWindow
PtInRect
GetWindow
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadIconA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnregisterClassA
GetSystemMetrics
wsprintfA
PostQuitMessage
PostMessageA
GetSysColorBrush
GetSysColor
GetWindowTextA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetDC
ReleaseDC

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA

gdi32

DeleteDC
CreateBitmap
Escape
GetStockObject
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetDeviceCaps
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox
SelectObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a0aef0ad04341572a053a99c50eba28

Headers

File Characteristics

Imports

kernel32

user32

comctl32

shlwapi

gdi32

winspool.drv

comdlg32

advapi32

oleaut32

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 160B

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 160B