2024-02-23_84147ba8378a422f9201d060180b76bc_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-23_84147ba8378a422f9201d060180b76bc_icedid
Size

820KB
MD5

84147ba8378a422f9201d060180b76bc
SHA1

1a5949cbc4b5e21034e001da01a46f2ac4757f96
SHA256

6ea4cf8492e44998d32936cb77667f26e35d6452825089324b23cc0808353734
SHA512

352ec27457c89087263a0ad070ad23c8b03d678e103378e6fa91554c29cfe5b0fb7e34c90d91568570b4211236d1fb28422b5de3a01853bd75f43031a3fbce55
SSDEEP

24576:3gHRLa8DaHkAwfDXAVjJ5YGKehoJsYqkG/VNFRYIKprd3:3wRLa8gzEehoJhG/nFRYIKprl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-23_84147ba8378a422f9201d060180b76bc_icedid

Files

2024-02-23_84147ba8378a422f9201d060180b76bc_icedid
.exe windows:4 windows x86 arch:x86

977638af11e01670be26904ac7528322

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCommandLineA
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetShortPathNameA
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedDecrement
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
FreeResource
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GlobalGetAtomNameA
GlobalAddAtomA
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
SetLastError
MulDiv
FormatMessageA
lstrcpynA
LocalFree
lstrcpyA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetStringTypeExA
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetTickCount
InterlockedExchange

user32

DestroyIcon
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
KillTimer
SetTimer
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
IsZoomed
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
SetForegroundWindow
GetClientRect
AdjustWindowRectEx
DeferWindowPos
RegisterClassA
UnregisterClassA
LockWindowUpdate
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
RegisterWindowMessageA
wsprintfA
LoadMenuA
DestroyMenu
GetClassNameA
SetWindowPos
WinHelpA
SetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconA
GetClassInfoA
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
InvalidateRect
UpdateWindow
SetRect
CharUpperA
EnableWindow
PtInRect
FrameRect
MessageBeep
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
BringWindowToTop
SetMenu
ShowWindow
IsWindow
GetWindow
IsWindowEnabled
TranslateAcceleratorA
WaitMessage
GetDCEx
GetMenuItemInfoA
PeekMessageA
GetMessageA
DispatchMessageA
TranslateMessage
GetCursorPos
GetWindowThreadProcessId
GetDesktopWindow
ReleaseCapture
SetCursor
LoadCursorA
GetCapture
GetFocus
InflateRect
GetSysColorBrush
ValidateRect
ShowOwnedPopups
PostQuitMessage
AppendMenuA
GetMenuStringA
GetMenuState
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ScreenToClient
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetSysColor
GetParent
GetWindowLongA
GetLastActivePopup
WindowFromPoint
SetCapture
GetActiveWindow
PostMessageA
SendMessageA
TrackPopupMenu

gdi32

CreateSolidBrush
CreateCompatibleBitmap
GetTextMetricsA
GetTextExtentPoint32A
StretchDIBits
SelectPalette
CreateFontA
GetBkColor
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
PtVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
GetCharWidthA
CreateFontIndirectA
GetPixel
BitBlt
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
SetDIBitsToDevice
RealizePalette
CreatePalette
RectVisible

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteValueA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegSetValueExA

shell32

DragQueryFileA
ExtractIconA
SHGetFileInfoA
DragFinish

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

977638af11e01670be26904ac7528322

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 188KB - Virtual size: 185KB

.rdata Size: 332KB - Virtual size: 329KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 288KB - Virtual size: 285KB

.text
Size: 188KB - Virtual size: 185KB

.rdata
Size: 332KB - Virtual size: 329KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 288KB - Virtual size: 285KB