Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-05_a236b864a26087738cc99bdcd5e100c0_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-05_a236b864a26087738cc99bdcd5e100c0_icedid.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-05_a236b864a26087738cc99bdcd5e100c0_icedid
Size: 1.4MB
MD5: a236b864a26087738cc99bdcd5e100c0
SHA1: 5ea6a7f180430097e72d58a0fd7f21367e3b70bb
SHA256: 22d1854beff5db923ea9ec5ed793824dcd421766e8860be00d98b9154a024673
SHA512: c9712e689f9c45c3bc05dcaf1c626fb8f1b829d0022727117927e7d33a0cb8d4cee4eb94ef7a5e7029d9cd84fa717c21fdf7e1519be37bc6b5ab878a4c016302
SSDEEP: 24576:RHU/SWnrrkS1oWtDhg5shNYAFmzsEPE46tmLjwufcL4OF8LT4RjPu/WDdrOnGK3R:irEWt1vNpHmLUScL4OFMTAju/WDdrOn/
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-03-05_a236b864a26087738cc99bdcd5e100c0_icedid
Files
2024-03-05_a236b864a26087738cc99bdcd5e100c0_icedid.exe windows:4 windows x86 arch:x86
5198daf5b6ee2465f0bfbdd9d5e0f22d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
GetTimeFormatA
GetDateFormatA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetSystemTimeAsFileTime
GetFileType
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
TerminateProcess
ExitProcess
RtlUnwind
WritePrivateProfileStringA
GetFileTime
SetErrorMode
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
GetFileSize
CopyFileA
UnmapViewOfFile
DeleteFileA
WriteFile
GetSystemDirectoryA
GetTickCount
GetFileAttributesA
SetFileAttributesA
CreateFileA
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
lstrcmpA
lstrcatA
HeapReAlloc
HeapSize
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
MultiByteToWideChar
CreateDirectoryA
lstrlenA
GlobalReAlloc
GlobalAlloc
GlobalFree
MulDiv
lstrcpyA
GlobalLock
GlobalUnlock
FindFirstFileA
FindNextFileA
GetLastError
FindClose
FormatMessageA
LocalFree
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetFileInformationByHandle
GetStdHandle
PeekNamedPipe
user32
MessageBeep
InvalidateRgn
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
GetDesktopWindow
CreateDialogIndirectParamA
EndDialog
GetCursorPos
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
EndPaint
BeginPaint
GetWindowDC
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetMenuState
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
GetWindowPlacement
PtInRect
GetWindow
wsprintfA
CharUpperA
LoadIconA
GetSystemMetrics
IsIconic
GetSystemMenu
DrawMenuBar
GetMenu
AppendMenuA
DrawIcon
GetFocus
IsWindowEnabled
IsWindow
SetFocus
IsWindowVisible
SetRect
UpdateWindow
IsRectEmpty
MessageBoxA
UnregisterClassA
PostThreadMessageA
RegisterClipboardFormatA
SystemParametersInfoA
GetSubMenu
TrackPopupMenuEx
PostMessageA
LoadImageA
GetSysColor
SetCursor
DestroyCursor
DestroyMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowLongA
EnableWindow
DestroyWindow
WindowFromPoint
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SendMessageA
DrawFocusRect
FrameRect
FillRect
OffsetRect
InflateRect
CopyRect
KillTimer
SetTimer
GetIconInfo
CreateIconIndirect
GetDC
ReleaseDC
DrawStateA
DestroyIcon
gdi32
GetTextExtentPoint32A
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetTextColor
GetRgnBox
PatBlt
CreateFontIndirectA
CreatePen
Rectangle
ResetDCA
GetDeviceCaps
CreateDIBitmap
SelectClipRgn
SetStretchBltMode
StretchDIBits
Ellipse
CreateEllipticRgnIndirect
CreateRectRgnIndirect
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
StretchBlt
FillRgn
CreateEllipticRgn
EndDoc
AbortDoc
EndPage
StartPage
GetStockObject
StartDocA
CreateDCA
DeleteObject
CreateFontA
CreateSolidBrush
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
GetObjectA
CreateCompatibleBitmap
GetPixel
SetPixel
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetDIBits
comdlg32
ChooseColorA
ChooseFontA
PrintDlgA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragAcceptFiles
DragQueryFileA
ShellExecuteExA
SHFileOperationA
SHGetSpecialFolderPathA
comctl32
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Replace
ImageList_SetImageCount
ord17
ImageList_Destroy
ImageList_Create
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
oledlg
ord8
ole32
CoTaskMemAlloc
OleUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
StgOpenStorageOnILockBytes
oleaut32
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocString
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
OleTranslateColor
Sections
.text Size: 860KB - Virtual size: 856KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 280KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 292KB - Virtual size: 289KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ