2024-02-20_60b5e6962d9e7207e49c974f51d5d87f_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-20_60b5e6962d9e7207e49c974f51d5d87f_icedid
Size

1.3MB
MD5

60b5e6962d9e7207e49c974f51d5d87f
SHA1

af28adcc3016cab134fbb818980ed9f84903b28e
SHA256

8ab7dfc3da034c2a8ec24b2f25226f5e2709ef09c2ba86ce87db544d841dd32a
SHA512

0a927e615e53102a7c9ab9c164576b9c39b21660a296703de3710d1e7ce4abd1bfc8a281969b2e5ffba8f4eab158b2123eca60e0c41cb4c98df3ee6d458afaca
SSDEEP

24576:V5PHFxk13pPKxXLydRiFlGM/YtvgBTYz4aNtQa7IKM+2141OVtLdj0q4:HPk13pi1LyDiFlGM/YtvaTYz4aNtQa7y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-20_60b5e6962d9e7207e49c974f51d5d87f_icedid

Files

2024-02-20_60b5e6962d9e7207e49c974f51d5d87f_icedid
.exe windows:4 windows x86 arch:x86

d80836a9a5185820075e5d7530aa029c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamSetFormat
AVIFileCreateStreamA
AVIStreamGetFrame
AVISaveOptionsFree
AVIFileRelease
AVIStreamWrite
AVIFileGetStream
AVIFileOpenA
CreateEditableStream
EditStreamCut
AVISaveVA
AVIFileExit
AVIClearClipboard
AVIFileInit
AVIStreamTimeToSample
AVIStreamRelease
AVIStreamGetFrameOpen
AVIStreamGetFrameClose
AVIStreamRead
AVIStreamLength
AVIStreamSampleToTime
AVIStreamInfoA
AVIStreamStart
EditStreamPaste
AVIStreamReadFormat

msvfw32

ord2
DrawDibOpen
DrawDibClose
DrawDibDraw
DrawDibRealize

winmm

mmioClose
waveOutGetNumDevs
waveInUnprepareHeader
waveInReset
waveInStop
waveOutClose
waveOutUnprepareHeader
waveOutPrepareHeader
sndPlaySoundA
waveOutOpen
waveOutGetPosition
waveOutReset
waveOutWrite
waveOutRestart
waveOutPause
waveInGetDevCapsA
waveInGetNumDevs
mmioAscend
mmioWrite
mmioRead
mmioCreateChunk
mmioSeek
mmioDescend
mmioOpenA
timeGetTime
waveInGetErrorTextA
waveInAddBuffer
waveInPrepareHeader
waveInStart
waveInOpen
waveInClose

msacm32

acmFormatTagDetailsA
acmDriverClose
acmStreamClose
acmStreamUnprepareHeader
acmStreamPrepareHeader
acmStreamSize
acmMetrics
acmFormatSuggest
acmStreamConvert
acmDriverOpen
acmStreamOpen
acmFormatChooseA

kernel32

GetTempFileNameA
GetDiskFreeSpaceA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
FindResourceExA
GlobalFlags
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetTickCount
HeapFree
GetFileTime
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
HeapReAlloc
ExitProcess
TerminateProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
SizeofResource
SetFileTime
GetFileAttributesA
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetProfileIntA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
InterlockedDecrement
SetLastError
FormatMessageA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
FreeResource
VirtualProtect
GetSystemDirectoryA
Sleep
GetCurrentThreadId
FindFirstFileA
FindClose
GetModuleFileNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetStdHandle
AllocConsole
SetConsoleScreenBufferSize
WriteConsoleA
MulDiv
lstrcatA
MoveFileA
DeleteFileA
LocalAlloc
LocalFree
CreateFileA
GetFileSize
GetFileInformationByHandle
FileTimeToDosDateTime
CloseHandle
GetWindowsDirectoryA
OpenFile
WinExec
lstrcpyA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalHandle
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
HeapAlloc

user32

DeleteMenu
SetParent
LockWindowUpdate
DestroyIcon
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
DrawIcon
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
RegisterClipboardFormatA
BeginPaint
GrayStringA
DrawTextA
TabbedTextOutA
FillRect
WindowFromPoint
KillTimer
SetTimer
ClientToScreen
SetRect
GetMenuItemInfoA
InflateRect
GetMessageA
GetCursorPos
ValidateRect
IsZoomed
DestroyMenu
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
SetMenuItemBitmaps
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenuItemID
GetMenuItemCount
GetSysColor
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
PtInRect
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
MapDialogRect
SetWindowPos
ShowWindow
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
GetParent
GetDesktopWindow
FindWindowA
LoadCursorA
SetCursor
ShowCursor
SetWindowTextA
GetScrollPos
CharUpperA
EnableWindow
SendMessageA
MessageBoxA
DispatchMessageA
TranslateMessage
IsRectEmpty
GetSysColorBrush
SetScrollPos
GetScrollRange
SetScrollRange
wvsprintfA
GetWindow
PostMessageA
UpdateWindow
MessageBoxExA
LoadBitmapA
DrawTextExA
GetWindowDC
SetWindowRgn
CopyRect
GetMenu
GetSubMenu
DestroyCursor
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
SetCapture
GetDCEx
EndDeferWindowPos
ModifyMenuA
GetSystemMetrics
GetWindowLongA
AdjustWindowRectEx
GetClientRect
GetWindowRect
SetMenu
LoadMenuA
GetDC
InvalidateRect
ReleaseDC
LoadStringA
wsprintfA
PeekMessageA
IsDialogMessageA
EndPaint

gdi32

BitBlt
PatBlt
GetDIBits
ExcludeClipRect
GetTextExtentPoint32A
GetClipBox
SetBkColor
CreateBitmap
GetTextMetricsA
ExtTextOutA
GetBkColor
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
StartDocA
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
UnrealizeObject
CreateRectRgnIndirect
SetRectRgn
GetMapMode
DPtoLP
GetViewportOrgEx
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
EnumFontFamiliesExA
GetTextColor
GetRgnBox
LPtoDP
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
GetObjectA
SetBkMode
SetTextColor
BeginPath
EndPath
FillPath
StretchDIBits
DeleteDC
GetPixel
StretchBlt
RoundRect
Rectangle
Ellipse
CombineRgn
CreateEllipticRgn
CreateRectRgn
CreateCompatibleBitmap
CreateFontIndirectA
CreateBrushIndirect
CreateSolidBrush
CreatePen
CreateDCA
CreateCompatibleDC
CreateFontA
SelectObject
GetCharWidthA
DeleteObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
GetFileTitleA
CommDlgExtendedError
PrintDlgA

winspool.drv

DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegQueryValueA
RegOpenKeyExA
RegSetValueA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA

shell32

ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
SHGetSpecialFolderPathA

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
PropertySheetA

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

oledlg

ord8

ole32

CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal

oleaut32

SysAllocStringByteLen
SysStringLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
OleLoadPicture

Sections

.text
Size: 576KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 580KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d80836a9a5185820075e5d7530aa029c

Headers

File Characteristics

Imports

avifil32

msvfw32

winmm

msacm32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 576KB - Virtual size: 572KB

.rdata Size: 164KB - Virtual size: 163KB

.data Size: 16KB - Virtual size: 48KB

.rsrc Size: 580KB - Virtual size: 578KB

.text
Size: 576KB - Virtual size: 572KB

.rdata
Size: 164KB - Virtual size: 163KB

.data
Size: 16KB - Virtual size: 48KB

.rsrc
Size: 580KB - Virtual size: 578KB