2024-02-28_a661de5eb4ec8d90f8578eb3e03d7fcd_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-28_a661de5eb4ec8d90f8578eb3e03d7fcd_icedid
Size

384KB
MD5

a661de5eb4ec8d90f8578eb3e03d7fcd
SHA1

1bb9f787da0ad9792d1efa4aea1f9dfc1326f2fe
SHA256

5bb8890f56685e1d969e9506ef6f30667391716163f637abcc6af0ce8e5267ea
SHA512

b06d23f1abe8a44f7d8f7154e2bfe4af90a49c50fae61f39b76938232c8bf71daf2e2621195c0c77f237d6b48455c02317dc664752a1e6c308d59686d7e8af11
SSDEEP

6144:iSTQrdasc7EMFgk82aRyXYHJIcIyHiO5yyMzq/5sM4uPCsr:bMxoeUaRjHSc5iOIqRsM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-28_a661de5eb4ec8d90f8578eb3e03d7fcd_icedid

Files

2024-02-28_a661de5eb4ec8d90f8578eb3e03d7fcd_icedid
.exe windows:4 windows x86 arch:x86

5fc78447fab2ad8187283dd4764b6a11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\My Documents\WinCln .NET\Release\WinCln.pdb

Imports

kernel32

HeapSize
TerminateProcess
LCMapStringA
LCMapStringW
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
HeapReAlloc
CreateFileA
RtlUnwind
ExitProcess
GetCommandLineA
GetStartupInfoA
GetDateFormatA
GetTimeFormatA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
HeapFree
SetErrorMode
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
MoveFileA
SystemTimeToFileTime
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalFlags
lstrcmpA
InterlockedDecrement
GlobalAlloc
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
GetDriveTypeA
GetLogicalDrives
GetFullPathNameA
SetCurrentDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
ReleaseMutex
CreateMutexA
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
CompareStringA
lstrcmpiA
GetStringTypeExA
MultiByteToWideChar
CompareStringW
lstrlenA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetCurrentThreadId
SetLastError
GetTickCount
MulDiv
GetVersion
FreeLibrary
GetProcAddress
LoadLibraryA
FreeResource
LocalFree
FormatMessageA
GetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetWindowsDirectoryA
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
CloseHandle
WriteFile
SetFilePointer
GetFileSize
GetFileType

user32

GetMessageA
TranslateMessage
ValidateRect
EndPaint
BeginPaint
SetParent
GetDC
IsZoomed
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
SetRectEmpty
TranslateAcceleratorA
GetMenuStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
wsprintfA
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SendDlgItemMessageA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
PostMessageA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
GetWindowPlacement
PtInRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
LoadIconA
UpdateWindow
SetForegroundWindow
IsIconic
IsWindowVisible
BringWindowToTop
GetLastActivePopup
BroadcastSystemMessageA
RegisterWindowMessageA
UnregisterClassA
LoadImageA
CharUpperA
CopyIcon
InvalidateRect
EqualRect
GetParent
SetMenu
GetMenuItemCount
CallNextHookEx
SetPropA
GetClassNameA
CallWindowProcA
RemovePropA
GetPropA
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowLongA
IntersectRect
OffsetRect
SetRect
InflateRect
CopyRect
DeleteMenu
SetWindowPos
RedrawWindow
ClientToScreen
IsRectEmpty
GetMenuState
LoadMenuA
GetDesktopWindow
ModifyMenuA
GetSubMenu
InsertMenuA
SetCapture
LockWindowUpdate
GetDCEx
GetSysColorBrush
AppendMenuA
GetMenuDefaultItem
DrawFocusRect
DrawEdge
DrawStateA
GetMenuItemInfoA
GetMessagePos
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetClientRect
GetMenuItemID
WindowFromDC
DestroyIcon
GetIconInfo
GetWindowLongA
FillRect
GetWindowRect
ShowOwnedPopups
PostQuitMessage
WindowFromPoint
GetWindow
SystemParametersInfoA
GetMenuItemRect
IsMenu
GetSysColor
ReleaseDC
GetSystemMetrics
GetWindowDC
LoadBitmapA
SetTimer
IsWindow
MessageBoxA
MenuItemFromPoint
GetFocus
IsChild
GetCursorPos
GetMenu
KillTimer
GetSystemMenu
DestroyMenu
EnableWindow
SendMessageA
LoadCursorA
SetCursor
CreatePopupMenu

gdi32

SetRectRgn
PatBlt
GetBkColor
GetTextMetricsA
SelectObject
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetStockObject
SelectClipRgn
CreateRectRgnIndirect
CombineRgn
CreateRectRgn
ScaleWindowExtEx
SetWindowExtEx
DeleteDC
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateFontA
GetCharWidthA
GetDeviceCaps
GetPixel
SetPixel
BitBlt
Rectangle
SetBrushOrgEx
UnrealizeObject
CreatePen
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
RoundRect
GetTextExtentPoint32A
GetObjectA
DeleteObject
GetNearestColor
CreateFontIndirectA
CreateSolidBrush
CreatePatternBrush
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegFlushKey
RegEnumKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegOpenKeyExA

shell32

ExtractIconA
ShellExecuteA
SHFileOperationA
DragFinish
DragQueryFileA
SHGetFileInfoA
SHGetSpecialFolderPathA

comctl32

ImageList_GetIconSize
ImageList_AddMasked
ImageList_Add
ImageList_Replace
ImageList_GetImageCount
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Draw
ord17
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create

shlwapi

PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
SHDeleteKeyA
PathIsUNCA

ole32

CoCreateInstance

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

wininet

FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindFirstUrlCacheEntryA

Sections

.text
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fc78447fab2ad8187283dd4764b6a11

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

wininet

Sections

.text Size: 264KB - Virtual size: 262KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 264KB - Virtual size: 262KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 48KB - Virtual size: 46KB