2024-03-06_f508073e47c41ff3fb17871a196195e8_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-06_f508073e47c41ff3fb17871a196195e8_icedid
Size

1.2MB
MD5

f508073e47c41ff3fb17871a196195e8
SHA1

37301f3b03df3741f5ab4bccc009af54f2bcc934
SHA256

6937858c8c6387b082065f70b7569a27bde3f911cd5d4ed9254086d49a259bcf
SHA512

b22ee18caf897d64577642476416884dbdd5ce49ea11d77a73b2d17960a14e3672349da5e0382477cab620eb72548639f2faba56eeb7082770f108bc9bbc0abf
SSDEEP

24576:dZMLWOVqpYG2rHv8NiG1SHu3taqRLJoJCjkliTwQ9Ctw7cmVr+EucFc:SjHH8aqxvwYTV9CtsFTFc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-06_f508073e47c41ff3fb17871a196195e8_icedid

Files

2024-03-06_f508073e47c41ff3fb17871a196195e8_icedid
.exe windows:4 windows x86 arch:x86

bbe1c494f2375b140da6a33fe865c475

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDefaultQueueCallbackA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

waveOutClose
waveOutOpen

shell32

ShellExecuteA
ord680

kernel32

GetCPInfo
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GlobalHandle
TlsFree
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSize
GetFileTime
GetProcessVersion
LeaveCriticalSection
TlsAlloc
GetCurrentDirectoryA
RtlUnwind
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
CreateThread
ExitThread
SetStdHandle
GetFileType
EnterCriticalSection
GetTimeZoneInformation
GetACP
CompareStringA
SetErrorMode
LCMapStringA
HeapReAlloc
DeleteCriticalSection
ResumeThread
WideCharToMultiByte
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetDriveTypeA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
GetLocaleInfoW
SetEnvironmentVariableA
HeapSize
InitializeCriticalSection
GetSystemDirectoryA
CopyFileA
lstrcmpA
RemoveDirectoryA
DeleteFileA
FindClose
FindNextFileA
FindFirstFileA
lstrcatA
lstrcpyA
CreateDirectoryA
GetLastError
GetWindowsDirectoryA
GetProcAddress
LoadLibraryA
FreeLibrary
Sleep
CreateEventA
GetCurrentThread
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
lstrcpynA
MulDiv
SuspendThread
SetThreadPriority
GlobalGetAtomNameA
GetCurrentThreadId
WaitForSingleObject
CreateSemaphoreA
GlobalFindAtomA
lstrcmpiA
GlobalAddAtomA
GlobalLock
GlobalDeleteAtom
GetModuleHandleA
MultiByteToWideChar
GlobalUnlock
LockResource
HeapDestroy
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
DeviceIoControl
GetExitCodeProcess
GlobalFree
WaitForMultipleObjects
SetLastError
WritePrivateProfileStringA
FormatMessageA
GetProcessHeap
HeapAlloc
HeapFree
FindResourceA
SizeofResource
LoadResource
GetFullPathNameA
GetCommState
SetCommState
SetCommTimeouts
SetupComm
EscapeCommFunction
CreateFileA
GetTempPathA
GetCurrentProcessId
GlobalAlloc
OpenEventA
SetEvent
lstrlenA
LocalAlloc
LocalFree
OpenProcess
TerminateProcess
GetVersionExA
CreateProcessA
CloseHandle
GetVersion
MoveFileExA
GetShortPathNameA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
GetFileAttributesExA
SetFileAttributesA
HeapCreate
VirtualFree
CompareStringW
LCMapStringW

user32

TranslateMessage
GetMessageA
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
ValidateRect
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
CharUpperA
PostQuitMessage
SetCursor
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
DestroyMenu
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
CopyRect
IsWindowVisible
LoadBitmapA
GetCursorPos
GetMenuCheckMarkDimensions
GetMenuState
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetWindowRect
LoadIconA
ShowWindow
GetSystemMetrics
SetWindowPos
MessageBoxA
KillTimer
SetTimer
InvalidateRect
InflateRect
IsRectEmpty
GetClientRect
GetSysColor
GetWindowThreadProcessId
wsprintfA
LoadStringA
EnumWindows
GetWindowTextA
GetFocus
SetFocus
SendMessageA
ModifyMenuA
IsWindow
EnableWindow
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SetWindowTextA
SetPropA
GetClassLongA
RegisterWindowMessageA
GetMessageTime
UnregisterClassA

gdi32

SetTextColor
SetBkColor
GetObjectA
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
CreatePen
CreateSolidBrush
GetDeviceCaps
GetViewportExtEx
BitBlt
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
Rectangle
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

SetSecurityDescriptorDacl
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryInfoKeyA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
RegOpenKeyA
DeleteService
RegSetKeySecurity
FreeSid
RegEnumKeyA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
ControlService

comctl32

ord17

olepro32

ord251

Sections

.text
Size: 440KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 660KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbe1c494f2375b140da6a33fe865c475

Headers

File Characteristics

Imports

setupapi

version

winmm

shell32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

olepro32

Sections

.text Size: 440KB - Virtual size: 436KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 52KB - Virtual size: 63KB

.rsrc Size: 660KB - Virtual size: 664KB

.text
Size: 440KB - Virtual size: 436KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 52KB - Virtual size: 63KB

.rsrc
Size: 660KB - Virtual size: 664KB