2024-02-28_ff2b5b2996fd2baac92725059ea1bb80_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-28_ff2b5b2996fd2baac92725059ea1bb80_icedid
Size

1.5MB
MD5

ff2b5b2996fd2baac92725059ea1bb80
SHA1

06efc43de6bf33f0e1dd99cff4b8e36f32ed752b
SHA256

0c8e862a4c8f6f12b81760a7315a4db97f494e86418baf93b355011dbcba1026
SHA512

7ceef6e00527b5157f5d9b1edb81c5f1ef8f905165e3cd1ca0927c61f300c032589ed941bdb184772e9e70724a7b4b43df659fe5554e1e606b289bca633c3598
SSDEEP

12288:lEjjq/Mk1OlAXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDtL:lGi1oAsqjnhMgeiCl7G0nehbGZpbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-28_ff2b5b2996fd2baac92725059ea1bb80_icedid

Files

2024-02-28_ff2b5b2996fd2baac92725059ea1bb80_icedid
.exe windows:5 windows x86 arch:x86

4caf3b0c4cf701533baebf0d766b1d5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
IsIconic
GetClientRect
EnableWindow
LoadIconA
GetSystemMetrics
SetCursor
PtInRect
InflateRect
UnregisterClassA
GetSysColorBrush
GetMenuItemInfoA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
GetWindowRect
GetDC
ReleaseDC
InvalidateRect
RedrawWindow
SetCapture
GetParent
ReleaseCapture
IsWindow
GetSysColor
MessageBeep
CopyIcon
LoadCursorA
SetWindowLongA
SetTimer
SendInput
GetAsyncKeyState
FindWindowA
RegisterWindowMessageA
SystemParametersInfoA
GetMenuItemID
GetSubMenu
LoadMenuA
PostMessageA
KillTimer
SetActiveWindow
SetForegroundWindow
SetMenuDefaultItem
TrackPopupMenu
GetCursorPos
ModifyMenuA
GetClassNameA
PostQuitMessage
CheckMenuItem
EnableMenuItem
GetMenuState
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
ShowOwnedPopups
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
UnhookWindowsHookEx
GetWindow
GetWindowPlacement
IntersectRect
OffsetRect
SetWindowPos
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
CopyRect
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
GetMenuItemCount
UpdateWindow
SetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
SetFocus
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
WinHelpA
SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
ShowWindow
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
WindowFromPoint
TranslateAcceleratorA

kernel32

GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
CreateFileA
GetCPInfo
GetOEMCP
GetModuleHandleW
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
Sleep
ExitProcess
RaiseException
VirtualAlloc
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringA
FormatMessageA
LocalFree
MulDiv
GlobalUnlock
GlobalFree
lstrlenA
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
MultiByteToWideChar
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryExA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
GetProcAddress
GetVersion
GetVersionExA
SetThreadExecutionState
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary

gdi32

CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegQueryValueA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

DragQueryFileA
DragFinish
Shell_NotifyIconA
ShellExecuteA

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantInit
VariantChangeType
VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime

Sections

.text
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4caf3b0c4cf701533baebf0d766b1d5f

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

Sections

.text Size: 177KB - Virtual size: 176KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 9KB - Virtual size: 23KB

.rsrc Size: 1.2MB - Virtual size: 1.9MB

.text
Size: 177KB - Virtual size: 176KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 9KB - Virtual size: 23KB

.rsrc
Size: 1.2MB - Virtual size: 1.9MB