2024-02-22_740050737068a245f7383fa6b9cbbc0f_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-22_740050737068a245f7383fa6b9cbbc0f_icedid
Size

596KB
MD5

740050737068a245f7383fa6b9cbbc0f
SHA1

11ac6a4731e0ad53744eb6687eb027ff5a991e48
SHA256

4185322490538fd2f5d8da9285c2c38d0b609346e0fa47f4d1fec44f5657e1c5
SHA512

79b8b5b621a8e9da331b54ba7dfae2f588fd1237cf93829ec5677f36ff1e51cf2d1d9441e77d5766b7f56bb69b68b97365456141410417229b90a44620189e72
SSDEEP

12288:ZqDNOAK9JeO5zeKYG7CZol5E9BdZvOtRCHbI7XmuixPuK8esgUksmYx2evi2kb8k:KNu/zzeKYKAe5E7DvOtRCHbI7Xmuixm2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-22_740050737068a245f7383fa6b9cbbc0f_icedid

Files

2024-02-22_740050737068a245f7383fa6b9cbbc0f_icedid
.exe windows:4 windows x86 arch:x86

a078ceb3f5bdf826e15d4820ba7c4591

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Ifs\InfoViewer_V2\Release\InfoViewer.pdb

Imports

shlwapi

PathFindFileNameA
UrlUnescapeA
PathIsUNCA
PathStripToRootA
PathGetArgsA
PathFindExtensionA

rpcrt4

UuidToStringA
RpcStringFreeA

kernel32

HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
TerminateProcess
ExitThread
CreateThread
HeapReAlloc
GetStartupInfoA
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
InterlockedExchange
GetACP
GetCurrentDirectoryA
SetErrorMode
GetOEMCP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
GetTickCount
InterlockedDecrement
WaitForSingleObject
ResumeThread
DeleteFileA
CreateDirectoryA
FindClose
FindNextFileA
FindFirstFileA
InterlockedIncrement
Sleep
RemoveDirectoryA
GetTempPathA
GetCommandLineA
ResetEvent
CloseHandle
SetEvent
GlobalAlloc
CreateEventA
GlobalFree
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
SuspendThread
SetThreadPriority
lstrcmpA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
SetLastError
FormatMessageA
lstrcpynA
LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GlobalLock
GlobalUnlock
MulDiv

user32

PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
GetSysColorBrush
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
DestroyMenu
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
ValidateRect
CharNextA
GetCursorPos
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
IsDialogMessageA
SetDlgItemTextA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
CharUpperA
LoadIconA
UnregisterClassA
EnableWindow
PtInRect
SetRect
SetRectEmpty
OffsetRect
DestroyCursor
FillRect
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
RegisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
UnhookWindowsHookEx
DrawFrameControl
SendMessageA
GetClientRect
GetDC
ReleaseDC
InvalidateRect
SetTimer
KillTimer
SetCapture
GetParent
LoadCursorA
DefWindowProcA
GetClassInfoA
GetSysColor
GetCursor
DispatchMessageA
GetMessageA
TranslateMessage
ReleaseCapture
SetCursor
GetKeyState
SetWindowTextA
PostMessageA
AppendMenuA
GetSystemMenu
IsIconic
GetSystemMetrics
CopyRect
LoadBitmapA
GetWindowRect
RegisterWindowMessageA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetStockObject
CreatePen
GetWindowExtEx
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetViewportExtEx
SaveDC
MoveToEx
LineTo
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateSolidBrush
DeleteDC
SelectObject
DeleteObject
GetPixel
SetMapMode
CreateFontIndirectA
GetObjectA
CreateBitmap
CreateCompatibleBitmap
GetBkColor
CreatePolygonRgn
StretchBlt
BitBlt
Rectangle
FillRgn
CreateCompatibleDC
PtInRegion
RestoreDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA

shell32

ShellExecuteA

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoInitialize
CoUninitialize
CoCreateGuid
OleRun
CoCreateInstance

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
SysAllocString
VariantInit
VariantClear
VariantChangeType
OleLoadPicture
VariantCopy
DispCallFunc
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
SystemTimeToVariantTime
GetErrorInfo
SysFreeString

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
InternetOpenA
InternetSetStatusCallback
InternetConnectA
HttpOpenRequestA
InternetErrorDlg
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a078ceb3f5bdf826e15d4820ba7c4591

Headers

File Characteristics

PDB Paths

Imports

shlwapi

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 336KB - Virtual size: 335KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 140KB - Virtual size: 138KB

.text
Size: 336KB - Virtual size: 335KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 140KB - Virtual size: 138KB