Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-20_e848852158b67fb299cab58c9881b5b0_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-20_e848852158b67fb299cab58c9881b5b0_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-02-20_e848852158b67fb299cab58c9881b5b0_icedid
Size: 1.6MB
MD5: e848852158b67fb299cab58c9881b5b0
SHA1: dc119337e7d3d83cca2cd4ea8f038e8a38391b45
SHA256: 25140814a7a7e46971a2b35817cbc3ba0d72575e15b81890f7be700b1dc0abb6
SHA512: cb73cbd4945dbc67f31db3a2821c176ef83374dd9bd8d388f291ec9c2b71af1a5a62a94d558384a0eac7eba6a4eb6bb8b176de2d02eb40ed01b1fd1522d528ed
SSDEEP: 24576:6hnlxiWWi9uhMsoVsjtCS3EvcuGvIQ9MTM:aiWWi9uhMpqjtCS0KIQ9MTM
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-02-20_e848852158b67fb299cab58c9881b5b0_icedid
Files
2024-02-20_e848852158b67fb299cab58c9881b5b0_icedid.exe windows:4 windows x86 arch:x86
6f96e4bfc111ada99e5e113aad968563
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
TerminateProcess
SetHandleCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
ExitProcess
GetCommandLineA
GetStartupInfoA
GetVersionExA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
HeapReAlloc
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DeleteFileA
MoveFileA
GetCurrentDirectoryA
SystemTimeToFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
LocalAlloc
GetTickCount
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrcmpA
GlobalFree
CopyFileA
GlobalAlloc
FormatMessageA
LocalFree
GetModuleFileNameA
InterlockedDecrement
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GetLastError
lstrlenA
lstrcmpiA
GetStringTypeExA
lstrlenW
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
MulDiv
GlobalSize
GlobalLock
GlobalUnlock
GlobalReAlloc
ClearCommError
EscapeCommFunction
ReadFile
WriteFile
GetCommState
SetCommState
SetupComm
CreateFileA
PurgeComm
CloseHandle
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetEnvironmentStringsW
user32
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
GetMenuItemInfoA
SetWindowContextHelpId
MapDialogRect
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
ShowOwnedPopups
PostQuitMessage
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
AppendMenuA
InsertMenuA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
SetWindowRgn
DrawIcon
IsRectEmpty
FindWindowA
EndPaint
BeginPaint
GetWindowDC
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
PostThreadMessageA
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
LoadIconA
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowPos
IsIconic
GetWindowPlacement
CopyRect
GetWindow
DrawStateA
SetRectEmpty
GetNextDlgGroupItem
GetIconInfo
WindowFromPoint
DestroyIcon
CharUpperA
SetMenu
DestroyMenu
RedrawWindow
UpdateWindow
OffsetRect
GetCapture
GetFocus
ClipCursor
ScreenToClient
GetWindowRect
PtInRect
InvertRect
GetMessagePos
GetSystemMetrics
IsClipboardFormatAvailable
IntersectRect
MessageBeep
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetCursorPos
IsWindow
GetClassInfoA
DefWindowProcA
LoadCursorA
DrawEdge
FrameRect
FillRect
InflateRect
SetRect
SetCursor
GetSysColor
GetDC
ReleaseDC
SystemParametersInfoA
GetSysColorBrush
SetParent
GetSystemMenu
DeleteMenu
BeginDeferWindowPos
IsZoomed
ClientToScreen
LoadMenuA
GetSubMenu
wsprintfA
GetWindowLongA
SetWindowLongA
SendMessageA
LoadImageA
KillTimer
SetTimer
UnregisterClassA
MessageBoxA
wsprintfW
EnableWindow
GetParent
SetCapture
InvalidateRect
GetClientRect
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DrawFocusRect
LoadBitmapA
GetKeyState
PostMessageA
ReleaseCapture
GetForegroundWindow
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
OffsetWindowOrgEx
Ellipse
CopyMetaFileA
GetCharWidthA
GetTextMetricsA
GetTextColor
GetRgnBox
SetDIBitsToDevice
StretchBlt
RealizePalette
SelectObject
Rectangle
GetViewportOrgEx
SetViewportOrgEx
DeleteObject
CreateSolidBrush
CreateFontA
EndDoc
AbortDoc
EndPage
StartPage
SetWindowOrgEx
ScaleViewportExtEx
SetStretchBltMode
SetViewportExtEx
OffsetViewportOrgEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateEllipticRgn
GetObjectA
StartDocA
CreatePen
GetCurrentObject
GetDeviceCaps
GetTextExtentPoint32A
CreateFontIndirectA
CreateHalftonePalette
CreatePalette
GetDIBColorTable
GetStockObject
Escape
ExtTextOutA
TextOutA
GetPixel
BitBlt
RectVisible
PtVisible
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
StretchDIBits
comdlg32
CommDlgExtendedError
PrintDlgA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegSetValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
RegCloseKey
GetFileSecurityA
shell32
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
ShellExecuteA
comctl32
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetImageCount
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
OleGetClipboard
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CreateBindCtx
CoTaskMemFree
ReleaseStgMedium
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
oleaut32
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
VarUdateFromDate
SysFreeString
ws2_32
ioctlsocket
recv
send
socket
htons
connect
closesocket
WSACleanup
WSAStartup
Sections
.text   Size: 560KB - Virtual size: 558KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 120KB - Virtual size: 116KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 12KB  - Virtual size: 24KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 948KB - Virtual size: 945KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ