2024-02-22_37a72f3f3440343edea955598f8fa86a_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-22_37a72f3f3440343edea955598f8fa86a_icedid
Size

1.5MB
MD5

37a72f3f3440343edea955598f8fa86a
SHA1

da2b4a86f2b3ad19203a680e569347f252a537c5
SHA256

9c9b0420d31b9352daba6a3b215ad5bd42e8c810f7d432ba65a652cf6ac4c2c6
SHA512

e2d9afc82254d820a4bf98a77a30843d89e4bec14ef58421c3382fe894e3714ca354c2f392f8db97dd6789ae62dd3537d823484f67ebaaeb7d17772d3defc517
SSDEEP

24576:rz0ltiN2YBS+mGkTcsBOU19Dktyb2OMVI5kZicz+p:GZYBSOPsBOi9Dktyb2OpkZbS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-22_37a72f3f3440343edea955598f8fa86a_icedid

Files

2024-02-22_37a72f3f3440343edea955598f8fa86a_icedid
.exe windows:4 windows x86 arch:x86

5feefc4b2c0ab807032ae1d88778770c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

bmaframe

CreateBMAFramework
CreateXmlConfigParse

channel

ReleaseChannel
CreateChannel

kernel32

HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
HeapReAlloc
SetStdHandle
SetUnhandledExceptionFilter
VirtualAlloc
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
CompareStringA
CompareStringW
GetDriveTypeA
GetACP
GetOEMCP
SetEnvironmentVariableA
TerminateProcess
HeapFree
HeapAlloc
RaiseException
GetSystemTime
GetTimeZoneInformation
RtlUnwind
ExitProcess
GetStartupInfoW
GetCurrentDirectoryW
FindResourceExW
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
SizeofResource
GlobalGetAtomNameW
GetDiskFreeSpaceW
SetFileTime
GetTempFileNameW
lstrcmpW
InterlockedExchange
GetProfileStringA
GlobalAddAtomA
FindResourceA
GlobalAlloc
lstrcmpA
lstrcmpiA
GetCurrentThread
MulDiv
GetShortPathNameW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
LoadLibraryW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageW
LocalFree
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
lstrcpynW
lstrcpyW
lstrcatW
IsBadReadPtr
IsBadWritePtr
GetModuleFileNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetFileTime
GetLocalTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
lstrlenA
MultiByteToWideChar
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
ResetEvent
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileSectionW
WritePrivateProfileSectionW
FindFirstFileW
FindClose
lstrlenW
GetModuleFileNameW
GetVersion
GetPrivateProfileStringW
Sleep
SetEvent
WaitForSingleObject
CreateThread
CreateEventW
GetFileAttributesW
SetFileAttributesW
WritePrivateProfileStringW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteFileW
RemoveDirectoryW
GetTickCount
GetTempPathW
CreateDirectoryW
GetLastError
WriteFile
GetFileSize
CloseHandle
ReadFile
CreateFileW
GetPrivateProfileIntW
LCMapStringW

user32

IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
TranslateAcceleratorW
LoadAcceleratorsW
SetWindowContextHelpId
GetMessageW
ValidateRect
SetCursor
ShowOwnedPopups
PostQuitMessage
SetRectEmpty
LoadStringW
GetCursorPos
WindowFromPoint
GrayStringW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MapDialogRect
GetAsyncKeyState
CharUpperW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
MessageBoxW
IsChild
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
CopyAcceleratorTableW
GetSubMenu
GetMenuItemID
GetWindowTextLengthW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
GetDlgCtrlID
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
IntersectRect
LoadCursorW
GetSysColorBrush
GetDCEx
LockWindowUpdate
InsertMenuW
DeleteMenu
GetMenuStringW
DestroyIcon
AdjustWindowRectEx
CharNextW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
DrawIcon
GetDesktopWindow
PtInRect
GetMessagePos
ScreenToClient
GetCapture
ReleaseCapture
MapWindowPoints
OffsetRect
SetCapture
GetSystemMetrics
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
DrawFrameControl
DrawFocusRect
GetDC
ReleaseDC
GetNextDlgGroupItem
SetParent
GetMenuItemCount
GetWindow
GetClassNameW
LoadImageW
FrameRect
IsRectEmpty
IsWindow
GetWindowTextW
EnumWindows
PeekMessageW
SetMenu
GetKeyState
UnregisterClassW
RegisterClipboardFormatW
MessageBeep
TranslateMessage
DispatchMessageW
SetRect
GetCaretPos
keybd_event
KillTimer
SetTimer
GetSysColor
CopyRect
InflateRect
UpdateWindow
GetFocus
PostMessageW
PostThreadMessageW
FillRect
GetClientRect
GetParent
DrawTextW
LoadBitmapW
GetWindowRect
EnableWindow
InvalidateRect
LoadIconW
SendMessageW
IsWindowVisible

gdi32

StretchDIBits
GetCharWidthW
GetMapMode
SetRectRgn
PtVisible
DPtoLP
EnumFontFamiliesExW
GetTextColor
GetBkColor
LPtoDP
GetTextExtentPointA
ExtTextOutA
CreatePatternBrush
SetWindowExtEx
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
Escape
CreateRectRgn
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
TextOutW
RectVisible
CreateDIBitmap
GetObjectW
BitBlt
CombineRgn
CreateFontIndirectW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
RestoreDC
SaveDC
CreateRectRgnIndirect
PatBlt
CreateBitmap
SetBkColor
GetClipBox
CreateFontW
CreateDIBSection
Rectangle
ExtTextOutW
CreatePen
GetTextMetricsW
CreateCompatibleBitmap
DeleteDC
GetTextExtentPoint32W
SetBkMode
SelectObject
SetTextColor
DeleteObject
CreateSolidBrush
CreateCompatibleDC
ScaleWindowExtEx

comdlg32

GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyW
RegSetValueW
RegQueryValueExW

shell32

DragQueryFileW
DragFinish
SHGetFileInfoW
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
ExtractIconW

comctl32

ImageList_DragLeave
ImageList_Draw
ImageList_GetIconSize
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_BeginDrag
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Create
ImageList_DragMove
ord17
ImageList_EndDrag
ImageList_LoadImageW
ImageList_DrawEx

oledlg

OleUIBusyW

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
OleFlushClipboard
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoUninitialize
OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance
OleRun
OleIsCurrentClipboard
CoRegisterMessageFilter
CoRevokeClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes

olepro32

ord253

oleaut32

SysStringLen
VariantInit
VariantClear
SysAllocString
SysFreeString
VariantChangeType
VariantCopy
SysAllocStringLen
VariantTimeToSystemTime
GetErrorInfo

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiOpenDevRegKey

Sections

.text
Size: 472KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 780KB - Virtual size: 779KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5feefc4b2c0ab807032ae1d88778770c

Headers

File Characteristics

Imports

version

bmaframe

channel

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

setupapi

Sections

.text Size: 472KB - Virtual size: 472KB

.rdata Size: 212KB - Virtual size: 212KB

.data Size: 36KB - Virtual size: 56KB

.rsrc Size: 780KB - Virtual size: 779KB

.text
Size: 472KB - Virtual size: 472KB

.rdata
Size: 212KB - Virtual size: 212KB

.data
Size: 36KB - Virtual size: 56KB

.rsrc
Size: 780KB - Virtual size: 779KB