2024-02-24_079c0325680de38d425ec355722226f1_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-24_079c0325680de38d425ec355722226f1_icedid
Size

288KB
MD5

079c0325680de38d425ec355722226f1
SHA1

9e06206d86b90b039558052d67a7d85a6522d54f
SHA256

c4f46c4257bff7fd3c53f3e92d332d4ed35edb57e8506b2985d252307bd0321d
SHA512

b0162b194e5140b4bf378316b72c47d390d3e9e07bbc5322d9372dbb2c256a161c432597c7921a907eaa0179745faf7a7d0022cd3e23e550a6a9c9702250f32a
SSDEEP

6144:t2FZyTLRddHUL8jlGANstAzyUh510jE+C2hK2t36Dzr6DUt:/R70L8jlGACAzBqH3t36zr6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-24_079c0325680de38d425ec355722226f1_icedid

Files

2024-02-24_079c0325680de38d425ec355722226f1_icedid
.exe windows:4 windows x86 arch:x86

100fae6b1a613b4d23eedd8ad104c401

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualProtect
GetCurrentProcessId
GetSystemTimeAsFileTime
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
GetStartupInfoW
GetTickCount
GetFileTime
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringW
GetLastError
FormatMessageW
LocalFree
MulDiv
SetLastError
lstrcmpiW
lstrcpynW
GlobalFindAtomW
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
GlobalUnlock
GlobalFree
FreeResource
CloseHandle
GlobalAddAtomW
lstrlenW
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcpyW
LoadLibraryW
GetLocaleInfoW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
LoadResource
LockResource
SizeofResource
FindResourceW
GetFileAttributesW
QueryPerformanceCounter
InterlockedDecrement

user32

GetDCEx
LockWindowUpdate
PostThreadMessageW
SetParent
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
CharUpperW
GetSysColorBrush
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
DestroyMenu
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
wsprintfW
ShowWindow
MoveWindow
SetWindowTextW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
RegisterClipboardFormatW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxW
SetForegroundWindow
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetSystemMetrics
DrawIcon
AppendMenuW
SendMessageW
GetSystemMenu
IsIconic
GetClientRect
EnableWindow
LoadIconW
PostMessageW
IsDialogMessageW
PostQuitMessage
SetCursor
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
PtInRect
GetWindowRect
KillTimer
SetTimer
OffsetRect
SetRectEmpty
IsZoomed
ReleaseDC
GetDC
CopyRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
SetWindowsHookExW
LoadBitmapW
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetParent
GetFocus
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetDesktopWindow

gdi32

GetBkColor
GetTextColor
GetRgnBox
SetRectRgn
CombineRgn
GetDeviceCaps
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetMapMode
CreateBitmap
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32W
GetTextMetricsW
SelectObject
PatBlt
CreateRectRgnIndirect
SetViewportOrgEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

shell32

DragQueryFileW
DragFinish

comctl32

ImageList_Destroy
ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize
CoDisconnectObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SysStringLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
LoadTypeLi
GetErrorInfo
SysFreeString

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

100fae6b1a613b4d23eedd8ad104c401

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 20KB - Virtual size: 17KB