2024-02-19_19a4cc17d2d4a2723059d198ff2f2577_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-19_19a4cc17d2d4a2723059d198ff2f2577_icedid
Size

1.7MB
MD5

19a4cc17d2d4a2723059d198ff2f2577
SHA1

aa676d29e665934acd20d88b7ffcb90cccd0f686
SHA256

aa7e3a9dad9099bf347e0ecc94b5bc7c12e68eb58e1987b0681036e1c537ebb0
SHA512

e9adf947665e7d72c2ac6fe69c738c7bf11c9b683783334b562c947acd9e2b4f79c53c33aaa2f3e07b46f94ed1c13bba39412863de47273c3122b9e57ddea4d7
SSDEEP

12288:v5XjDoOm7WoZu/9KfjEC2CzQ6GzIiswFGNzoM32FKsvJ86FdW55GD3yh3gJQYbPG:dnMWA+lc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-19_19a4cc17d2d4a2723059d198ff2f2577_icedid

Files

2024-02-19_19a4cc17d2d4a2723059d198ff2f2577_icedid
.exe windows:4 windows x86 arch:x86

ce393fec32ebce96c5c188eda27ea927

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathFindFileNameW

setupapi

SetupDiGetClassDevsW
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

ws2_32

bind
closesocket
setsockopt
select
recv
send
sendto
recvfrom
ioctlsocket
gethostbyname
socket
connect
htons
inet_addr
accept
WSAStartup

iphlpapi

GetNetworkParams
GetAdaptersInfo
GetInterfaceInfo
IpRenewAddress

kernel32

TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
FindResourceExW
SetErrorMode
GetPrivateProfileIntW
GetStartupInfoW
EnterCriticalSection
HeapReAlloc
ExitThread
CreateThread
ExitProcess
TerminateProcess
HeapSize
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
VirtualProtect
InterlockedDecrement
FormatMessageW
lstrcpynW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
GetVersionExA
FreeResource
GetSystemDefaultLangID
WritePrivateProfileStringW
WriteFile
SetLastError
GetCurrentProcess
GetSystemInfo
GetCurrentDirectoryW
CreateMutexW
GetModuleHandleW
ReleaseMutex
GetModuleFileNameW
GetSystemDirectoryW
GetFileAttributesW
Sleep
lstrcmpW
lstrlenW
HeapAlloc
HeapFree
GlobalLock
GlobalUnlock
GlobalFree
CreateEventW
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
ResetEvent
lstrcatW
LocalFree
LocalAlloc
GlobalAlloc
FreeLibrary
LoadLibraryW
GetProcAddress
MulDiv
lstrcpyW
WideCharToMultiByte
GetLastError
GetVersion
GetWindowsDirectoryW
GetTickCount
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCommandLineW
FindResourceW
LoadResource
LockResource
SizeofResource
RtlUnwind

user32

GetSysColorBrush
PostQuitMessage
GetMessageW
ValidateRect
MapDialogRect
GetAsyncKeyState
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
wsprintfW
SetMenuItemBitmaps
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxW
TrackPopupMenu
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
GetScrollInfo
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
PtInRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
IsWindowEnabled
EndDialog
LoadStringW
GetDlgItem
FindWindowW
ShowWindow
SetForegroundWindow
PeekMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics
GetClassNameW
LoadBitmapW
SetRect
GetWindow
IntersectRect
LoadCursorW
GetKeyState
IsWindowVisible
UpdateWindow
keybd_event
LoadIconW
KillTimer
SetTimer
GetCursorPos
RedrawWindow
ModifyMenuW
DestroyMenu
LoadMenuW
DestroyCursor
LoadImageW
GetSubMenu
TrackPopupMenuEx
PostMessageW
SetCursor
GetWindowLongW
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SendMessageW
DrawFocusRect
FrameRect
FillRect
OffsetRect
InflateRect
CopyRect
GetSysColor
GetIconInfo
GetDC
CreateIconIndirect
ReleaseDC
DrawStateW
DestroyIcon
EnableWindow
IsIconic

gdi32

EnumFontFamiliesExW
ScaleWindowExtEx
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
RestoreDC
SaveDC
GetClipBox
CreatePen
CreateSolidBrush
GetTextExtentPoint32W
SetTextAlign
SetBkMode
ExtTextOutW
MoveToEx
GetDeviceCaps
CreateFontIndirectW
CreateCompatibleBitmap
GetObjectW
GetPixel
SetPixel
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject
ScaleViewportExtEx
DeleteObject
LineTo
SetMapMode

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueW
RegOpenKeyW
RegDeleteKeyW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
ShellExecuteExW

comctl32

_TrackMouseEvent
ord17
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

ole32

CreateStreamOnHGlobal

oleaut32

VariantInit
VariantChangeType
VariantClear
OleLoadPicture

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce393fec32ebce96c5c188eda27ea927

Headers

File Characteristics

Imports

shlwapi

setupapi

ws2_32

iphlpapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

version

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 8KB - Virtual size: 41KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 8KB - Virtual size: 41KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB