2024-02-20_ab193c41eccd96a911beab2f1d40f51d_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-20_ab193c41eccd96a911beab2f1d40f51d_icedid
Size

439KB
MD5

ab193c41eccd96a911beab2f1d40f51d
SHA1

48afb40cf59e83751cebae6d77bacb7c043b6f6e
SHA256

0ba7f216067ed66fb4ab188c1186fdbe5ee4f5de2283dd8cbe3ef604731c4a14
SHA512

6c568ae1f91de87d459540187a02201cc1a4ceeb17b1d2150b39dc3aa9ab911a506fc1c2ea25652959df7ad24be681f3ae9fa8dc61a2f32a5a97eeacc9fb4adf
SSDEEP

12288:HzwhCov9amSbSXWPXQrRssYfO3HlEXMOEPo:TyfrSbsWPCssYfO3l8Mo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-20_ab193c41eccd96a911beab2f1d40f51d_icedid

Files

2024-02-20_ab193c41eccd96a911beab2f1d40f51d_icedid
.exe windows:5 windows x86 arch:x86

33743b8ff18819bf270f6c066a369632

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

\\tsclient\c\work\wifi\NETConnect\Release\NETConnect.pdb

Imports

kernel32

HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
HeapReAlloc
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
FileTimeToSystemTime
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetCurrentThreadId
CloseHandle
FreeLibrary
InterlockedDecrement
GlobalFree
GlobalAlloc
FormatMessageW
LocalFree
GetCurrentProcessId
GetModuleFileNameW
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
WideCharToMultiByte
Sleep
lstrcmpiW
lstrlenW
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetCPInfo
MultiByteToWideChar
lstrlenA
GetVersionExW
GetACP
GetVersion

user32

LoadCursorW
UnregisterClassW
IsRectEmpty
SetCapture
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CharUpperW
RegisterClipboardFormatW
PostThreadMessageW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
IntersectRect
DestroyMenu
GetMenuStringW
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxW
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
SetWindowLongW
IsWindow
SetRectEmpty
PtInRect
DrawIcon
IsIconic
GetSystemMenu
LoadIconW
KillTimer
SetTimer
LoadImageW
CreateIconIndirect
GetIconInfo
DrawStateW
GetClientRect
DrawFocusRect
OffsetRect
InflateRect
FrameRect
PostMessageW
GetWindowRect
ReleaseCapture
GetActiveWindow
WindowFromPoint
ClientToScreen
InvalidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CreateDialogIndirectParamW
EndDialog
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageW
GetWindowLongW
DestroyCursor
GrayStringW
DrawTextExW
TabbedTextOutW
EnableWindow
GetSubMenu
LoadBitmapW
GetSysColorBrush
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuState
ModifyMenuW
GetMenuItemCount
AppendMenuW
ReleaseDC
GetDC
GetDesktopWindow
GetSystemMetrics
DestroyIcon
DrawIconEx
SystemParametersInfoW
DrawTextW
GetMenuItemInfoW
SetRect
DrawEdge
FillRect
GetSysColor
CopyRect
EqualRect

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SetViewportOrgEx
GetWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetClipBox
SetMapMode
GetViewportExtEx
ExcludeClipRect
MoveToEx
LineTo
CreateCompatibleDC
SetBkMode
RestoreDC
SaveDC
StretchDIBits
GetCharWidthW
CreateFontW
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
PatBlt
SetPixel
GetPixel
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
GetBkMode
CreatePen
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
IntersectClipRect

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW

shell32

ShellExecuteExW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoTaskMemAlloc
OleUninitialize
CLSIDFromProgID
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysFreeString
SysStringLen
SysAllocStringLen

wlanapi

WlanSetProfile
WlanDisconnect
WlanGetAvailableNetworkList
WlanCloseHandle
WlanFreeMemory
WlanEnumInterfaces
WlanOpenHandle
WlanConnect

ws2_32

WSAStartup
htons
inet_addr
WSACleanup
socket
recvfrom
sendto

Sections

.text
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33743b8ff18819bf270f6c066a369632

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wlanapi

ws2_32

Sections

.text Size: 309KB - Virtual size: 308KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 309KB - Virtual size: 308KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 41KB - Virtual size: 41KB