2024-03-06_be11f3baac4f2ec3c95130acc1cada73_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-06_be11f3baac4f2ec3c95130acc1cada73_icedid
Size

1.9MB
MD5

be11f3baac4f2ec3c95130acc1cada73
SHA1

11a84d408a0df9397e44f789f1b63d24c14b2fdd
SHA256

dea6ac010a3e2f97dc221f5f8278710bf149d3b3d60e29b5b9e4651129a26ebb
SHA512

f3886448b2170eaf447e31152fb9fd1e2add4d1e65d2c5286dff7de5d1b8e52fbb1319551f9c2d67720a6b1184dbd7c204a8d7ad2e60de871b2cd3b3bd923432
SSDEEP

49152:gBJ4u0K0hTZXB8jd4StGMNwTGYpSmeJqf0M2cyzseRN7r/f:WJX0K+B84StkiYpCqfz2ciRVbf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-06_be11f3baac4f2ec3c95130acc1cada73_icedid

Files

2024-03-06_be11f3baac4f2ec3c95130acc1cada73_icedid
.exe windows:4 windows x86 arch:x86

ec1b5fad351e67732039312437e2fc06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\Work\RockInternational\FileSecurity\3.0 LE\SelfExtractor\Win32\Release\ibbxse-win32i.pdb

Imports

comctl32

ord17
InitCommonControlsEx

kernel32

TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
LockFile
UnlockFile
DuplicateHandle
GetFullPathNameA
GetFileTime
lstrcmpA
GlobalFlags
lstrcatA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
VirtualProtect
VirtualAlloc
VirtualQuery
ExitProcess
RtlUnwind
HeapReAlloc
HeapSize
GetStartupInfoA
GetCommandLineA
SetStdHandle
GetFileType
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GlobalHandle
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
IsBadCodePtr
GetLocaleInfoW
SetEnvironmentVariableA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
CompareStringA
CompareStringW
IsBadReadPtr
IsBadWritePtr
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
SetLastError
CloseHandle
GetFileSize
GlobalReAlloc
LocalAlloc
LocalFree
ResumeThread
FormatMessageA
CreateFileMappingA
SetFileTime
GetSystemInfo
MapViewOfFile
GetVolumeInformationA
GetTempPathA
GetTempFileNameA
FlushFileBuffers
WaitForSingleObject
SetEvent
GetCurrentThread
GetUserDefaultLCID
GetSystemDefaultLCID
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
SuspendThread
UnmapViewOfFile
lstrcpyA
CreateDirectoryA
DeleteFileA
MoveFileA
HeapAlloc
SetCurrentDirectoryA
CreateFileA
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
FileTimeToLocalFileTime
FindClose
FileTimeToSystemTime
LockResource
LoadLibraryA
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetDateFormatA
GetTimeFormatA
CreateThread
IsDBCSLeadByte
lstrcpynA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
CreateEventA
GetStringTypeA

user32

GrayStringA
DrawTextExA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
ClientToScreen
GetDlgCtrlID
PtInRect
GetClassNameA
SendMessageA
GetLastActivePopup
IsWindowEnabled
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RedrawWindow
SetForegroundWindow
BringWindowToTop
UpdateWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
InvalidateRect
SetWindowTextA
PostMessageA
IsDlgButtonChecked
CheckDlgButton
EnableWindow
MessageBeep
OffsetRect
PostQuitMessage
DestroyMenu
DrawTextA
GetWindowLongA
GetWindow
SystemParametersInfoA
GetClientRect
MapWindowPoints
GetParent
IsWindow
GetWindowTextLengthA
GetWindowTextA
EndDialog
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
ReleaseDC
GetDC
GetWindowRect
SetWindowPos
ShowWindow
GetActiveWindow
CharNextA
DialogBoxParamA
LoadStringA
MessageBoxA
SetWindowLongA
UnregisterClassA
CharUpperA
GetFocus

gdi32

SetMapMode
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps
CreateCompatibleDC
GetStockObject
SelectObject
SetViewportExtEx
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
SHGetFileInfoA

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA

wininet

InternetConnectA
HttpOpenRequestA
InternetQueryDataAvailable
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA

ole32

StringFromCLSID
CoCreateGuid
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2

oleaut32

VariantInit
VariantChangeType
VariantClear
VarUI4FromStr

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec1b5fad351e67732039312437e2fc06

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

wininet

ole32

oleaut32

version

Sections

.text Size: 208KB - Virtual size: 206KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 208KB - Virtual size: 206KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 40KB - Virtual size: 39KB