2024-03-08_85fd9937fbf85c63594c9621bca5f356_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-08_85fd9937fbf85c63594c9621bca5f356_icedid
Size

1.1MB
MD5

85fd9937fbf85c63594c9621bca5f356
SHA1

756b837af27142d2456a7355fff44108c413fc7b
SHA256

cdad696b7844681dee01c7c651ebf4420c540e295f8a32770bff43c940824157
SHA512

8d1e1accfebea0208a4dbeea6bffb42e582c3ffcc72418e52ae2d03b16921722a18cdfeba0b83477b16afec58c7d70b0b4111df17648a38588677af6c9e8b3c0
SSDEEP

24576:FVAevU4GMaMuCkSDyleQ2Jzicu2vIzWBEALAW96IZlQUhCoW:PaquCkSDyleQ8zixVyxn4IQUa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-08_85fd9937fbf85c63594c9621bca5f356_icedid

Files

2024-03-08_85fd9937fbf85c63594c9621bca5f356_icedid
.exe windows:4 windows x86 arch:x86

48261c70b9055ce7b87cf60e1a61c6bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord11

d3d9

Direct3DCreate9

winmm

mmioOpenA
mmioClose
mmioWrite
mmioAdvance
mmioSetInfo
mmioSeek
mmioCreateChunk
mmioGetInfo
mmioDescend
mmioRead
mmioAscend
timeGetTime

kernel32

VirtualAlloc
VirtualFree
HeapFree
HeapAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
UnmapViewOfFile
CreateFileW
CreateFileMappingA
GetFileSize
MapViewOfFile
FormatMessageA
LocalFree
FatalAppExitA
DebugBreak
GetProfileIntA
IsProcessorFeaturePresent
GetSystemInfo
GetTempPathA
GetTempFileNameA
ReadFile
DeleteFileA
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
CreateFileA
CloseHandle
FindResourceA
LoadResource
SizeofResource
LockResource
lstrcmpA
MulDiv
GetCurrentDirectoryA
lstrcpyA
lstrcatA
Sleep
lstrcpynA
GetEnvironmentVariableA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
GetLocaleInfoW
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
SetLastError
RaiseException
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCurrentThreadId
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
VirtualProtect
VirtualQuery
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
IsBadWritePtr
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
CopyRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
CallWindowProcA
GetClassInfoA
AdjustWindowRectEx
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassInfoExA
GetCapture
WinHelpA
RegisterWindowMessageA
TabbedTextOutA
DrawTextExA
GrayStringA
LoadBitmapA
GetIconInfo
DialogBoxParamA
EndDialog
IsDlgButtonChecked
EnableWindow
PostMessageA
GetDlgItem
DestroyMenu
DestroyWindow
DefWindowProcA
SetCursor
GetCursorPos
ScreenToClient
LoadIconA
LoadCursorA
RegisterClassA
LoadMenuA
SetRect
AdjustWindowRect
CreateWindowExA
GetWindowLongA
SetWindowPos
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
MessageBoxA
SetWindowLongA
SetMenu
GetMenu
GetClassLongA
GetWindowRect
ClipCursor
SetCapture
ShowCursor
ReleaseCapture
SendMessageA
GetDC
wsprintfA
GetClientRect
DrawTextA
ReleaseDC
GetAsyncKeyState
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnregisterClassA
GetSysColorBrush
GetSysColor
GetSystemMetrics
UnhookWindowsHookEx
IsWindowEnabled
GetLastActivePopup
GetParent
GetClassNameA
SetWindowTextA
GetWindowTextA
GetFocus
PtInRect
GetDlgCtrlID
CheckRadioButton
GetWindow
ClientToScreen
ValidateRect
GetKeyState
CallNextHookEx
SetWindowsHookExA
PostQuitMessage

gdi32

CreateBitmap
GetObjectA
GetDIBits
CreateCompatibleDC
CreateDIBSection
SetMapMode
GetDeviceCaps
CreateFontA
SelectObject
SetTextColor
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
DeleteObject
DeleteDC
GetStockObject
GetClipBox
SaveDC
RestoreDC
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx

comctl32

ord17

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 840KB - Virtual size: 839KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48261c70b9055ce7b87cf60e1a61c6bb

Headers

File Characteristics

Imports

dsound

d3d9

winmm

kernel32

user32

gdi32

comctl32

advapi32

oleacc

winspool.drv

oleaut32

Sections

.text Size: 840KB - Virtual size: 839KB

.rdata Size: 156KB - Virtual size: 154KB

.data Size: 92KB - Virtual size: 244KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 840KB - Virtual size: 839KB

.rdata
Size: 156KB - Virtual size: 154KB

.data
Size: 92KB - Virtual size: 244KB

.rsrc
Size: 28KB - Virtual size: 26KB