Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-21_c8ed3f62f37ea6a3847be399f4c19dba_icedid.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 2024-02-21_c8ed3f62f37ea6a3847be399f4c19dba_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-02-21_c8ed3f62f37ea6a3847be399f4c19dba_icedid
Size: 572KB
MD5: c8ed3f62f37ea6a3847be399f4c19dba
SHA1: d0be4ef1c73837fd39603258a75ed732e1d8f1a2
SHA256: 9cd2782add1b805ff5646c605c93c6ae62203d033f4cca91389445e33aebd2c5
SHA512: a28342b0080d2182871fa0dde8b9660b8265c4c7d57b0defdcf127aaf38951714295e2cae6ee45c68ba9f1cdfa06718ef449b27fa0fafb49b285980dfc284267
SSDEEP: 6144:XzWEoDnKEbhyFvNlwieV7i3T1FGXkic3vOlesJMTZAsT3AptfyTMioN6g+Hq213:XmDPC33Rvic6kZAXoNL3
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-02-21_c8ed3f62f37ea6a3847be399f4c19dba_icedid
Files
2024-02-21_c8ed3f62f37ea6a3847be399f4c19dba_icedid.exe  windows:4 windows x86 arch:x86
Import hash (imphash): e28a5c34f025e99aadc3d1cfa1c28931
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
imm32
ImmNotifyIME
ImmGetContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetCompositionStringA
ImmReleaseContext
kernel32
GetStdHandle
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
HeapCreate
ExitProcess
GetStartupInfoA
GetProcessHeap
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
HeapReAlloc
RaiseException
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
GetCurrentDirectoryA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
HeapDestroy
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetProfileIntA
GlobalReAlloc
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
GetModuleFileNameW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
CopyFileA
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetCurrentProcessId
GetModuleHandleA
GlobalGetAtomNameA
GlobalAddAtomA
SetLastError
LoadLibraryA
GetProcAddress
lstrcmpA
GetStringTypeExA
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
GetLastError
MultiByteToWideChar
InterlockedExchange
GetTickCount
GetLocaleInfoA
GetModuleFileNameA
GetVersionExA
lstrlenA
MulDiv
IsDBCSLeadByte
lstrcpyA
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
VirtualFree
IsValidCodePage
GetACP
DeleteCriticalSection
HeapSize
GetTimeZoneInformation
user32
CopyAcceleratorTableA
CreateMenu
GetTabbedTextExtentA
LockWindowUpdate
SetParent
DestroyCursor
GetMenuItemInfoA
SetWindowRgn
DrawIcon
FindWindowA
IsZoomed
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
IsClipboardFormatAvailable
CreateDialogIndirectParamA
EndDialog
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxA
GetClassInfoExA
RegisterClassA
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
RegisterWindowMessageA
GetClassNameA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
WinHelpA
SetFocus
GetWindowThreadProcessId
IsWindowEnabled
GetDlgItem
GetDlgCtrlID
LoadIconA
PeekMessageA
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
IsIconic
InsertMenuItemA
CreatePopupMenu
GetClassInfoA
SetRectEmpty
GetLastActivePopup
SetMenu
GetDesktopWindow
GetWindow
ShowWindow
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetWindowLongA
SetWindowLongA
IsWindow
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
GetActiveWindow
DrawMenuBar
CreateWindowExA
GetMenuItemCount
GetMenuItemID
DefMDIChildProcA
GetMenu
DefFrameProcA
GetKeyState
GetParent
GetNextDlgTabItem
GetFocus
CharUpperA
GetSystemMetrics
RegisterClipboardFormatA
GetCursorPos
GetAsyncKeyState
ScreenToClient
LoadMenuA
GetSubMenu
UpdateWindow
MapDialogRect
LoadImageA
SetCursor
ReleaseCapture
LoadCursorA
PostThreadMessageA
DestroyIcon
UnregisterClassA
GetSysColorBrush
GetDCEx
GetSystemMenu
DeleteMenu
GetScrollRange
WindowFromPoint
SetCapture
GetCapture
KillTimer
SetTimer
InvalidateRect
GetClientRect
PostMessageA
DestroyCaret
GetWindowRect
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
ReleaseDC
GetDC
ClientToScreen
InvertRect
IntersectRect
EqualRect
OffsetRect
SetRect
PtInRect
IsRectEmpty
GetSysColor
SendMessageA
EnableWindow
DrawFocusRect
FrameRect
FillRect
InflateRect
CopyRect
SetForegroundWindow
gdi32
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
SetMapMode
CreatePatternBrush
SetRectRgn
CreateFontA
CreateEllipticRgn
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
GetBkColor
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetWindowOrgEx
EnumFontFamiliesExA
PatBlt
GetKerningPairsA
GetOutlineTextMetricsA
GetCharWidthA
GetTextMetricsA
SetPixelV
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
GetTextExtentPoint32A
BitBlt
DPtoLP
SetBrushOrgEx
CreateCompatibleBitmap
CreatePen
UnrealizeObject
DeleteObject
GetDIBColorTable
CreateCompatibleDC
GetStockObject
SelectObject
GetTextCharset
GetDeviceCaps
RoundRect
Rectangle
Polygon
Ellipse
LPtoDP
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateRectRgnIndirect
GetObjectA
CreateFontIndirectA
CreateBrushIndirect
CreateSolidBrush
CreatePenIndirect
SetStretchBltMode
StretchDIBits
CreatePalette
GetClipBox
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetJobA
advapi32
RegDeleteValueA
RegSetValueExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
RegSetValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
OleDestroyMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
oleaut32
VariantClear
SysAllocStringLen
VariantChangeType
VariantInit
oleacc
LresultFromObject
CreateStdAccessibleObject
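The 32-hex-digit value listed under the file entry above (e28a5c34f025e99aadc3d1cfa1c28931) is an import hash: an MD5 over the normalised, ordered import table, used to cluster builds that share a compiler setup and import set rather than to identify a file. The following added example is mine, not code from the Triage report or from the sample, and recomputes an imphash from a constructed subset of this report's import list, then tags the imports a reviewer would want to follow up in the behavioural runs. Because only a subset is embedded, the hash it produces will not equal the report's value; to reproduce that, feed the full table in file order, for instance via `pefile.PE(path).get_imphash()`.

```python
import hashlib
from collections import defaultdict

# Subset of the report's import table, in report order, as (dll, [functions]). Constructed for
# the example; the report itself lists roughly 500 functions across 14 modules.
REPORT_IMPORTS = [
    ("version", ["VerQueryValueA", "GetFileVersionInfoSizeA", "GetFileVersionInfoA"]),
    ("imm32", ["ImmNotifyIME", "ImmGetContext", "ImmReleaseContext"]),
    ("kernel32", ["GetStdHandle", "Sleep", "IsDebuggerPresent", "SetUnhandledExceptionFilter",
                  "VirtualAlloc", "CreateFileA", "WriteFile", "CopyFileA", "MoveFileA",
                  "WritePrivateProfileStringA", "LoadLibraryA", "GetProcAddress", "GetTickCount"]),
    ("user32", ["SetWindowsHookExA", "CallNextHookEx", "GetAsyncKeyState", "FindWindowA",
                "GetForegroundWindow", "MessageBoxA"]),
    ("advapi32", ["RegDeleteValueA", "RegSetValueExA", "RegCreateKeyExA", "SetFileSecurityA"]),
    ("winspool.drv", ["ClosePrinter", "OpenPrinterA"]),
    ("oledlg", ["ord8"]),
]


def imphash_string(imports):
    """Normalise the way pefile's get_imphash() does: lowercase, drop a trailing .dll/.ocx/.sys
    (so 'winspool.drv' keeps its extension), unresolved ordinals stay 'ordN', entries joined
    with commas in import-table order. Order matters, which is why imphash groups builds."""
    parts = []
    for dll, funcs in imports:
        lib = dll.lower()
        stem, _, ext = lib.rpartition(".")
        if ext in ("dll", "ocx", "sys"):
            lib = stem
        parts.extend(f"{lib}.{func.lower()}" for func in funcs)
    return ",".join(parts)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


# Coarse capability tags. Every one of these APIs is also ordinary in MFC/CRT code (the MSVC
# runtime itself references IsDebuggerPresent), so a hit is a lead for the behavioural run,
# not a verdict.
CAPABILITY_TAGS = {
    "IsDebuggerPresent": "anti-debug",
    "SetWindowsHookExA": "hooking/keylogging",
    "GetAsyncKeyState": "hooking/keylogging",
    "RegSetValueExA": "registry write",
    "RegCreateKeyExA": "registry write",
    "WritePrivateProfileStringA": "INI write",
    "CopyFileA": "file copy/move",
    "MoveFileA": "file copy/move",
    "SetFileSecurityA": "ACL change",
    "LoadLibraryA": "dynamic API resolution",
    "GetProcAddress": "dynamic API resolution",
}


def tag_imports(imports):
    """Map each imported function to a capability tag; returns {tag: ['dll!Func', ...]}."""
    tags = defaultdict(list)
    for dll, funcs in imports:
        for func in funcs:
            tag = CAPABILITY_TAGS.get(func)
            if tag:
                tags[tag].append(f"{dll}!{func}")
    return dict(tags)
```

The import profile in this report (version, imm32, comdlg32, winspool.drv, oledlg ordinal 8, oleacc, and the menu, MDI, clipboard, printing and registry APIs) is the standard set of a statically linked MFC GUI application. Nothing in the static section corroborates the family name in the submitted filename: the only signature that fired is "Unsigned PE" and no malware configuration was extracted, so a verdict would have to come from the win7 and win10 behavioural tasks, not from these imports.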
Sections
.text Size: 388KB - Virtual size: 384KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
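The one signature that fired, "Unsigned PE", is a header check: the Authenticode certificate table (data directory entry 4) is empty. The following added example is mine, not code from the Triage report or from any project, and reconstructs that check together with the File Characteristics and Sections decoding shown above, on a constructed header-only PE32 image that mirrors this report's section table. The file characteristics value (0x0103) and the section flag words are the ones the report lists; DllCharacteristics is not shown in the report and is assumed to be zero in the constructed sample. On a real file, pefile exposes the same fields (`pefile.PE(path).FILE_HEADER.Characteristics`, `OPTIONAL_HEADER.DATA_DIRECTORY[4]`, `sections`).

```python
import struct

# Flag names from winnt.h; only the bits this example decodes are listed.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
DLL_DYNAMIC_BASE = 0x0040  # DllCharacteristics bit: ASLR opt-in
DIR_SECURITY = 4           # IMAGE_DIRECTORY_ENTRY_SECURITY: Authenticode certificate table

def flag_names(value, table):
    return [name for bit, name in table.items() if value & bit]

def parse_pe(data):
    """Minimal PE32 reader: COFF characteristics, DllCharacteristics, security directory, sections."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (32-bit) images are handled here")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    num_dirs = struct.unpack_from("<I", data, opt + 92)[0]
    cert_off = cert_len = 0
    if num_dirs > DIR_SECURITY:
        # Unlike the other directories, the security entry holds a file offset, not an RVA.
        cert_off, cert_len = struct.unpack_from("<II", data, opt + 96 + 8 * DIR_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, raw, _, _, _, _, _, sc = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": raw,
                         "flags": flag_names(sc, SECTION_CHARACTERISTICS)})
    return {
        "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        "aslr": bool(dll_chars & DLL_DYNAMIC_BASE),
        # Presence of a certificate table is all this checks; it does not verify the signature.
        "authenticode": cert_len > 0 and cert_off + cert_len <= len(data),
        "sections": sections,
    }

def triage(info):
    """Header-level findings a first static pass raises; the first is the report's 'Unsigned PE'."""
    findings = []
    if not info["authenticode"]:
        findings.append("unsigned: no Authenticode certificate table")
    if "IMAGE_FILE_RELOCS_STRIPPED" in info["characteristics"] or not info["aslr"]:
        findings.append("no ASLR: relocations stripped or DYNAMIC_BASE not set")
    for s in info["sections"]:
        if "IMAGE_SCN_MEM_EXECUTE" in s["flags"] and "IMAGE_SCN_MEM_WRITE" in s["flags"]:
            findings.append(f"writable and executable section {s['name']}")
    return findings

# Section table as the report lists it: (name, virtual size, raw size, characteristics), KB as reported.
REPORT_SECTIONS = [
    (".text", 384 * 1024, 388 * 1024, 0x60000020),
    (".rdata", 97 * 1024, 100 * 1024, 0x40000040),
    (".data", 26 * 1024, 12 * 1024, 0xC0000040),
    (".rsrc", 64 * 1024, 68 * 1024, 0x40000040),
]

def build_sample_pe(sections=REPORT_SECTIONS, file_chars=0x0103, dll_chars=0, signed=False):
    """Constructed header-only PE32 image for testing (no code inside). The report does not
    show DllCharacteristics, so dll_chars=0 is an assumption, not a fact about the sample."""
    hdr_len = 64 + 4 + 20 + 224 + 40 * len(sections)
    cert = b""
    if signed:
        # WIN_CERTIFICATE: dwLength, wRevision 0x0200, wCertificateType 0x0002 (PKCS#7) + placeholder body
        cert = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\0" * 8
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)  # PE32 optional header with 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, hdr_len, len(cert))
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), v, 0x1000, r, 0, 0, 0, 0, 0, c)
                     for n, v, r, c in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table + cert
```

IMAGE_FILE_RELOCS_STRIPPED matters beyond compatibility: with no relocation data the loader cannot rebase the image, so ASLR is unavailable whatever DllCharacteristics says, which is why the triage pass reports it alongside the missing signature. The `.data` raw size (12KB) being smaller than its virtual size (26KB) is ordinary: the difference is zero-initialised data that exists only in memory, not a packed or hidden payload.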