2024-02-25_7158275f8efa5f8e87aa52a331890973_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-25_7158275f8efa5f8e87aa52a331890973_icedid
Size

248KB
MD5

7158275f8efa5f8e87aa52a331890973
SHA1

ca568e1c972388f218a0c4d8e3c45694567ca853
SHA256

262c37680379c2fe11839dc987e51c9db846df9bad86e41404c768beb31ff3fb
SHA512

e7780b1aa3436d1c33da9115c30df0fb60f6b375cb4800a231da06c1007a597bd02ba6a08cdf35424e1a063cc23816b96da1facfbe27b22ee3904932e0f3c451
SSDEEP

3072:GdOy9jcsVVGB3Y2IA544f+CDWlWFiNB57GCPkdTXX02CCxKAp4UlniNkFj:GQyus6a2IAHDWlWFiNzCUE7TiNE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-25_7158275f8efa5f8e87aa52a331890973_icedid

Files

2024-02-25_7158275f8efa5f8e87aa52a331890973_icedid
.exe windows:4 windows x86 arch:x86

b1d54141cea8f8001aca25627ea00f11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\LookALF\Release\LookALF.pdb

Imports

kernel32

Sleep
GlobalUnlock
MultiByteToWideChar
MoveFileW
GetCurrentDirectoryW
CopyFileW
GetUserDefaultUILanguage
GetModuleFileNameW
LoadLibraryExW
FreeLibrary
CreateThread
ReadFile
SetFilePointer
GetFileSize
CreateFileMappingW
GlobalAlloc
GlobalLock
GetFileTime
FileTimeToSystemTime
SystemTimeToFileTime
SetFileTime
GlobalFree
DeleteFileW
GetLocalTime
CreateFileW
WriteFile
CloseHandle
UnmapViewOfFile
MapViewOfFile
GetLastError
GetTimeZoneInformation
WideCharToMultiByte
GetLocaleInfoA
GetACP
InterlockedExchange
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
GetOEMCP
lstrcpynW
SetLastError
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
lstrlenW
LocalAlloc
LocalFree
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedDecrement
FormatMessageW
lstrcpyW
GetCurrentThreadId
InterlockedIncrement
GetVersion
GetVersionExA
GetProcAddress
GetModuleHandleW
lstrcmpW
lstrcatW
LoadLibraryA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GlobalFlags
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
ExitProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
SetStdHandle
CreateFileA
GetCPInfo
GetStringTypeA
GetStringTypeW

user32

PostMessageW
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
GetClassInfoExW
GetCapture
WinHelpW
RegisterWindowMessageW
ClientToScreen
TabbedTextOutW
DrawTextExW
GrayStringW
AdjustWindowRectEx
GetClassInfoW
GetDlgCtrlID
UnregisterClassW
IsWindowEnabled
GetLastActivePopup
LoadStringW
SetActiveWindow
SetForegroundWindow
GetWindowPlacement
GetParent
DefMDIChildProcW
SetScrollRange
SetScrollPos
EnumWindows
LoadIconW
LoadCursorW
RegisterClassW
LoadMenuW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyMenu
PostQuitMessage
DialogBoxParamW
MessageBoxW
SetTimer
GetMenu
EnableMenuItem
DefWindowProcW
DefFrameProcW
KillTimer
GetWindowTextW
SetWindowLongW
CreateWindowExW
GetDC
LoadImageW
BeginPaint
EndPaint
MoveWindow
DestroyWindow
OffsetRect
SetDlgItemInt
GetWindowLongW
GetDlgItemInt
GetDlgItemTextW
SendDlgItemMessageW
EndDialog
GetDlgItem
EnableWindow
UnhookWindowsHookEx
SetDlgItemTextW
ShowWindow
UpdateWindow
GetWindowRect
GetClientRect
GetSystemMetrics
InvalidateRect
DrawTextW
wsprintfW
CreateDialogParamW
SetWindowTextW
PeekMessageW
SendMessageW
CallWindowProcW
SetWindowPos
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
ValidateRect
GetKeyState
CallNextHookEx
SetWindowsHookExW
GetSysColorBrush
GetSysColor
ReleaseDC
SystemParametersInfoA
IsIconic
CopyRect
PtInRect
GetWindow
SetMenuItemBitmaps
GetFocus
ModifyMenuW
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
FillRect

gdi32

GetDeviceCaps
Rectangle
CreateRectRgn
SelectClipRgn
RestoreDC
Polyline
SetBkMode
SetTextColor
TextOutW
CreateFontW
CreateCompatibleDC
GetMapMode
SetMapMode
BitBlt
DeleteDC
GetObjectW
DeleteObject
SaveDC
ExtTextOutW
SetBkColor
GetClipBox
CreateBitmap
GetTextExtentPoint32W
PolyBezier
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
RectVisible
PtVisible
Ellipse
Polygon
GetStockObject
LineTo
MoveToEx
SelectObject
CreatePen
CreateSolidBrush

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

comdlg32

ChooseColorW
GetSaveFileNameW
GetOpenFileNameW

comctl32

CreateStatusWindowW
InitCommonControlsEx
ord17

oleacc

LresultFromObject
CreateStdAccessibleObject

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1d54141cea8f8001aca25627ea00f11

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

comctl32

oleacc

oleaut32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 61KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 61KB

.rsrc
Size: 40KB - Virtual size: 36KB