Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-20_7b8fd936f18308e8acfe21b2a3fa22ee_icedid.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-20_7b8fd936f18308e8acfe21b2a3fa22ee_icedid.exe
Resource: win10v2004-20231215-en
General
Target: 2024-02-20_7b8fd936f18308e8acfe21b2a3fa22ee_icedid
Size: 16.8MB
MD5: 7b8fd936f18308e8acfe21b2a3fa22ee
SHA1: ebf87298456a5b64632adea6ee1e0652960f80c9
SHA256: 37c5ea5ebbb1edfb31c1ec28715792c117cf7bff9e64f31e2e850bf015d15fde
SHA512: 56802299fb7c1b75d09247f4e0a5894d4abbfda8035cdf0868708b11589cb968ba03c938db7f2752594ced0cc7f853b3e5cbf9a3a00d392f39416f7cc99209a7
SSDEEP: 393216:07amDiivgozzLrRmagLaQm9DsKSIoSNCsA9U4MJoCAlyBkVi2UJXJGtzj6EA5lv9:wmL8don7UWj6EevNppCs3
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-02-20_7b8fd936f18308e8acfe21b2a3fa22ee_icedid
Files
2024-02-20_7b8fd936f18308e8acfe21b2a3fa22ee_icedid.exe  windows:4  windows x86  arch:x86
74aecbd38db44ed5c560cf0c7666e415
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DrawTextA
GetWindowRect
GetWindowLongA
KillTimer
HideCaret
GetSysColor
DrawMenuBar
DeleteMenu
LoadMenuA
EnableMenuItem
ReleaseCapture
GetDesktopWindow
EqualRect
ModifyMenuA
LoadIconA
IsWindowVisible
SetTimer
GetClipboardData
SetScrollPos
SetScrollRange
GetScrollPos
InflateRect
PostMessageA
GetSysColorBrush
SetParent
GetSystemMenu
GetAsyncKeyState
RedrawWindow
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
GetMenuItemInfoA
GetDCEx
DestroyCursor
RegisterClipboardFormatA
GetWindowTextA
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetWindowRgn
DrawIcon
FindWindowA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowDC
GetMenuStringA
AppendMenuA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetPropA
SendDlgItemMessageA
GetWindowTextLengthA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetScrollRange
SetForegroundWindow
ShowScrollBar
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
DrawEdge
GetSystemMetrics
IsClipboardFormatAvailable
SetActiveWindow
SetFocus
ClientToScreen
SetCursor
GetCursorPos
GetKeyState
ReleaseDC
MessageBeep
GetTabbedTextExtentA
DestroyIcon
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageA
CreateMenu
LockWindowUpdate
DrawFocusRect
FillRect
GetDC
WindowFromPoint
SetPropA
RemovePropA
IsIconic
EndPaint
BeginPaint
ScreenToClient
SetWindowLongA
CallWindowProcA
UnregisterClassA
LoadBitmapA
TabbedTextOutA
DrawTextExA
GrayStringA
SetWindowContextHelpId
DefWindowProcA
SystemParametersInfoA
GetMenuState
CheckMenuItem
CopyRect
SetCapture
IsRectEmpty
PtInRect
GetMenu
GetSubMenu
GetMenuItemCount
RemoveMenu
InsertMenuA
IsZoomed
OffsetRect
InvalidateRect
GetFocus
MessageBoxA
SetRect
CharUpperA
ExitWindowsEx
LoadCursorA
BringWindowToTop
GetClientRect
GetParent
UpdateWindow
SendMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
EnableWindow
GetWindowPlacement
RegisterWindowMessageA
wsprintfA
DestroyMenu
GetClassNameA
SetWindowPos
WinHelpA
GetActiveWindow
GetDlgItem
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
PeekMessageA
GetCapture
LoadAcceleratorsA
InsertMenuItemA
GetMenuItemID
CreatePopupMenu
IntersectRect
SetRectEmpty
GetLastActivePopup
SetMenu
ShowWindow
IsWindow
GetWindow
IsWindowEnabled
TranslateAcceleratorA
GetDlgCtrlID
IsChild
AdjustWindowRectEx
kernel32
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
FreeResource
LocalFree
FormatMessageA
MulDiv
SetLastError
lstrcpyA
InterlockedDecrement
lstrcmpA
EnumResourceLanguagesA
ConvertDefaultLocale
GetModuleFileNameA
GetCurrentThread
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetTickCount
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcmpW
DuplicateHandle
FindClose
GetFullPathNameA
GetShortPathNameA
SetFileTime
GetFileTime
GetTempFileNameA
GetDiskFreeSpaceA
GlobalReAlloc
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
VirtualProtect
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
GlobalFlags
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
SetErrorMode
LocalFileTimeToFileTime
FindResourceExA
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetModuleHandleA
GlobalGetAtomNameA
GlobalAddAtomA
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetSystemTime
lstrcatA
GetProfileIntA
FreeLibrary
LoadLibraryA
GetProcAddress
lstrcpynA
MoveFileA
Sleep
GetFileAttributesA
WaitForSingleObject
CreateProcessA
MoveFileExA
FindFirstFileA
DeleteFileA
RemoveDirectoryA
GlobalFree
lstrlenA
lstrcmpiA
GetStringTypeExA
CompareStringA
CompareStringW
MultiByteToWideChar
InterlockedExchange
GetVersion
CopyFileA
GetCurrentProcess
GetLastError
CreateFileA
CloseHandle
DeviceIoControl
GetLogicalDriveStringsA
GetVolumeInformationA
GetDriveTypeA
GetCurrentDirectoryA
CreateDirectoryA
SetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
GetFileSize
gdi32
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
CreateEllipticRgn
CreateRectRgnIndirect
GetViewportOrgEx
SetAbortProc
AbortDoc
UnrealizeObject
SetRectRgn
CombineRgn
CreateDCA
EnumFontFamiliesExA
GetWindowOrgEx
GetTextFaceA
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
GetRgnBox
GetTextColor
GetBkColor
GetCharWidthA
StretchDIBits
SetViewportOrgEx
SelectObject
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
GetClipBox
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateBitmap
StretchBlt
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
PatBlt
LPtoDP
GetCurrentObject
GetTextMetricsA
GetTextExtentPoint32A
Rectangle
Ellipse
DPtoLP
CreateFontA
CreateSolidBrush
GetDeviceCaps
SetMapMode
StartDocA
StartPage
EndPage
EndDoc
SetTextColor
GetObjectA
CreateFontIndirectA
GetMapMode
comdlg32
PrintDlgA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ChooseFontA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
advapi32
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
shell32
SHGetPathFromIDListA
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
SHGetMalloc
ExtractIconA
SHBrowseForFolderA
comctl32
ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_LoadImageA
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
oledlg
ord8
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleRun
CoCreateInstance
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
oleaut32
OleCreateFontIndirect
LoadRegTypeLi
DispCallFunc
SafeArrayDestroy
SafeArrayPutElement
VariantCopy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
SysAllocString
SysFreeString
VariantClear
urlmon
URLDownloadToFileA
odbc32
ord51
ord50
ord45
ord14
ord9
ord15
ord1
ord2
ord10
ord41
wininet
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
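The import table above is dominated by user32/gdi32/comdlg32/oledlg names typical of a statically linked MFC GUI program; the security-relevant imports (URLDownloadToFileA, the wininet family, AdjustTokenPrivileges/LookupPrivilegeValueA, ExitWindowsEx, SetWindowsHookExA/GetAsyncKeyState, DeviceIoControl, CreateProcessA, RegSetValueExA) are scattered among hundreds of UI calls. Any single API is weak evidence in that setting. The following is an added example, not the sandbox's own logic, that groups imports by capability and only calls out co-occurring groups, plus the share of imports that come from UI DLLs as a noise indicator. The capability groups and combination labels are the example's own heuristics, and the input is a constructed subset of the report's import list, not the full table.

```python
"""Capability tagging of a PE import table. Single APIs are weak evidence
(an MFC GUI app imports hundreds of user32/gdi32 calls), so APIs are grouped
by capability and only co-occurring groups are reported. The groups and
labels below are example heuristics, not a sandbox's rule set."""

CAPABILITIES = {
    "network-download": {"urlmon!URLDownloadToFileA", "wininet!InternetOpenUrlA",
                         "wininet!InternetReadFile", "wininet!InternetOpenA"},
    "file-write": {"kernel32!WriteFile", "kernel32!CreateFileA", "kernel32!CopyFileA",
                   "kernel32!MoveFileExA"},
    "process-launch": {"kernel32!CreateProcessA", "shell32!ShellExecuteA"},
    "registry-write": {"advapi32!RegSetValueExA", "advapi32!RegSetValueA",
                       "advapi32!RegCreateKeyExA"},
    "privilege-adjust": {"advapi32!AdjustTokenPrivileges", "advapi32!LookupPrivilegeValueA",
                         "advapi32!OpenProcessToken"},
    "shutdown-reboot": {"user32!ExitWindowsEx"},
    "input-hook": {"user32!SetWindowsHookExA", "user32!GetAsyncKeyState"},
    "device-io": {"kernel32!DeviceIoControl"},
    "dynamic-resolve": {"kernel32!LoadLibraryA", "kernel32!GetProcAddress"},
}
# Combinations worth a second look; every listed group must be present.
COMBINATIONS = {
    ("network-download", "file-write", "process-launch"): "download-and-execute chain",
    ("privilege-adjust", "shutdown-reboot"):
        "privilege adjustment plus ExitWindowsEx (forced shutdown/reboot)",
    ("registry-write", "process-launch"):
        "registry write plus process launch (check for run-key persistence)",
}
GUI_DLLS = {"user32", "gdi32", "comdlg32", "comctl32", "oledlg", "winspool.drv"}


def qualified_names(imports):
    """{dll: [api, ...]} -> {"dll!api", ...}, lower-casing the DLL name."""
    return {f"{dll.lower()}!{api}" for dll, apis in imports.items() for api in apis}


def assess_imports(imports):
    """Return matched capability groups, flagged combinations and the share of
    imports coming from UI DLLs (high share = mostly GUI noise)."""
    names = qualified_names(imports)
    found = {cap for cap, apis in CAPABILITIES.items() if apis & names}
    combos = [label for caps, label in COMBINATIONS.items() if set(caps) <= found]
    total = sum(len(v) for v in imports.values())
    gui = sum(len(v) for dll, v in imports.items() if dll.lower() in GUI_DLLS)
    return {
        "capabilities": sorted(found),
        "combinations": combos,
        "gui_import_share": round(gui / total, 2) if total else 0.0,
    }


# Constructed subset of the report's import list (not the complete table).
SAMPLE_IMPORTS = {
    "user32": ["DrawTextA", "GetWindowRect", "SetWindowsHookExA", "GetAsyncKeyState",
               "ExitWindowsEx", "MessageBoxA", "CreateWindowExA", "SendMessageA"],
    "kernel32": ["CreateProcessA", "WriteFile", "CreateFileA", "DeviceIoControl",
                 "LoadLibraryA", "GetProcAddress", "CopyFileA"],
    "advapi32": ["AdjustTokenPrivileges", "LookupPrivilegeValueA", "OpenProcessToken",
                 "RegSetValueExA", "RegCreateKeyExA"],
    "urlmon": ["URLDownloadToFileA"],
    "wininet": ["InternetOpenUrlA", "InternetReadFile", "InternetOpenA"],
    "gdi32": ["BitBlt", "SelectObject", "DeleteObject"],
}

if __name__ == "__main__":
    import json
    print(json.dumps(assess_imports(SAMPLE_IMPORTS), indent=2))
```

The combinations are the useful output: an import table that can fetch a URL to a file, write files and spawn a process is a different conversation from one that merely links wininet. The GUI share is there to calibrate expectations; on the real table above, with well over two hundred user32/gdi32 entries, the presence of any individual UI API says nothing about intent.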
Sections
.text Size: 13.6MB - Virtual size: 13.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 935KB - Virtual size: 935KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
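The "Unsigned PE" signature, the File Characteristics block and the Sections block above are all read straight out of the PE headers. The following added example, not the sandbox's code, shows where each comes from: it decodes IMAGE_FILE_* flags, lists sections with raw versus virtual size and IMAGE_SCN_* flags, and reports "Unsigned PE" when the Authenticode (security) data directory is empty. So that it runs offline, it constructs a minimal PE32 image in memory with the same file characteristics and section flags as the report; the real sample is not embedded, and the constructed image carries only a certificate-table directory entry, not an actual WIN_CERTIFICATE blob. The triage labels are the example's own.

```python
"""Minimal PE32 header triage in the style of the report above: decode the
IMAGE_FILE_* characteristics, list sections with raw vs. virtual size, and
flag "Unsigned PE" from the Authenticode (security) data directory.
Standard library only; the PE image it parses is constructed in memory."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # WIN_CERTIFICATE table (Authenticode)
COFF_FMT = "<HHIIIHH"  # IMAGE_FILE_HEADER, 20 bytes
OPT_FMT = "<HBB" + "I" * 9 + "H" * 6 + "I" * 4 + "H" * 2 + "I" * 6  # PE32 optional hdr, 96 B
SEC_FMT = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS, COFF, optional and section headers into a dict."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from(COFF_FMT, data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # Data directories follow the standard fields (+96 PE32, +112 PE32+);
    # NumberOfRvaAndSizes is the 4-byte field just before them.
    dir_base = opt + (96 if magic == 0x10B else 112)
    ndirs = struct.unpack_from("<I", data, dir_base - 4)[0]
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For this entry VirtualAddress is a file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, schars = struct.unpack_from(
            SEC_FMT, data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "characteristics": flag_names(schars, SECTION_CHARACTERISTICS)})
    return {"machine": machine, "pe32plus": magic == 0x20B,
            "file_characteristics": flag_names(chars, FILE_CHARACTERISTICS),
            "authenticode_present": cert_off != 0 and cert_size != 0,
            "sections": sections}


def triage(info):
    """Report-style signatures derived from the parsed headers (example labels)."""
    hits = []
    if not info["authenticode_present"]:
        hits.append("Unsigned PE")  # no certificate table at all, nothing to verify
    for s in info["sections"]:
        c = s["characteristics"]
        if "IMAGE_SCN_MEM_WRITE" in c and "IMAGE_SCN_MEM_EXECUTE" in c:
            hits.append("Writable+executable section: " + s["name"])
    return hits


def build_pe(sections, file_chars=0x010F, authenticode=False):
    """Construct a minimal PE32 image in memory (constructed test input, not the
    sample above). `sections` is a list of (name, vsize, rawsize, chars).
    0x010F = RELOCS_STRIPPED|EXECUTABLE_IMAGE|LINE_NUMS_STRIPPED|LOCAL_SYMS_STRIPPED|32BIT."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew
    coff = struct.pack(COFF_FMT, 0x14C, len(sections), 0, 0, 0, 96 + 16 * 8, file_chars)
    opt = struct.pack(OPT_FMT, 0x10B, 14, 0, 0x1000, 0x200, 0, 0x1000, 0x1000, 0x2000,
                      0x400000, 0x1000, 0x200, 4, 0, 0, 0, 4, 0, 0, 0x4000, 0x400, 0,
                      2, 0, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = bytearray(16 * 8)
    if authenticode:  # directory entry only; no real WIN_CERTIFICATE blob follows
        struct.pack_into("<II", dirs, 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    hdrs, rva, raw = b"", 0x1000, 0x400
    for name, vsize, rawsize, chars in sections:
        hdrs += struct.pack(SEC_FMT, name.ljust(8, b"\0"), vsize, rva, rawsize, raw,
                            0, 0, 0, 0, chars)
        rva += (vsize + 0xFFF) & ~0xFFF
        raw += rawsize
    return bytes(dos) + b"PE\0\0" + coff + opt + dirs + hdrs


if __name__ == "__main__":
    img = build_pe([(b".text", 0xD9A000, 0xD9A000, 0x60000020),
                    (b".data", 0xDC00, 0x3400, 0xC0000040)])
    info = parse_pe(img)
    print(info["file_characteristics"], triage(info))
    for s in info["sections"]:
        print(s["name"], s["raw_size"], s["virtual_size"], s["characteristics"])
```

Two caveats a practitioner should keep in mind. First, an empty security directory is exactly what "Unsigned PE" means: there is no certificate table, so there is nothing to verify, and a 16.8MB MFC-style GUI binary with no signature is worth noting but is not on its own a verdict. Second, the converse does not hold: a populated directory only says a certificate table exists, not that the signature is valid, unexpired or from a trusted chain; that verification is done with `signtool verify /pa /v` or PowerShell's `Get-AuthenticodeSignature`, not by header parsing. The .data section above, with a 13KB raw size against a 55KB virtual size, is the ordinary case of zero-initialized data that occupies memory but not file space, not an anomaly.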