2024-03-08_6ed94225de2e143468f758e8c6440c20_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-08_6ed94225de2e143468f758e8c6440c20_icedid
Size

344KB
MD5

6ed94225de2e143468f758e8c6440c20
SHA1

87ca2e90d60ae08f62a8665af72ba6f0d9c16884
SHA256

0b5e57720238c869452fa36e11936fd39a6353d5e0c4468a7bf6fd6988aebe93
SHA512

648ebdc8376c7972512c2e5e7887e566235065d11fb7acafa7d995ad5ef2d5e9e0d89c06afb65498eeeed5d82dc24ec03920e5ba9256af8eb2ead313155d9320
SSDEEP

6144:bMgfn7pDuWVg44pynQD84PZ+zYYO9hNZDqaGzy65Artdo:bMgfn5u4gZpyQAG+zYYOPrDf0k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-08_6ed94225de2e143468f758e8c6440c20_icedid

Files

2024-03-08_6ed94225de2e143468f758e8c6440c20_icedid
.exe windows:4 windows x86 arch:x86

0d26605b4d247f26cc6baaf52a6f811c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutGetNumDevs

gdiplus

GdipAlloc
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDeleteFont
GdipLoadImageFromStream
GdipSaveImageToFile
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipDisposeImage
GdipCreateSolidFill
GdipGetImageGraphicsContext
GdipDrawString
GdipCreateFont
GdipCloneBrush
GdipCloneImage
GdipGetImageThumbnail
GdiplusShutdown
GdiplusStartup
GdipDeleteBrush
GdipFree

kernel32

CreateEventA
GetOverlappedResult
SetFilePointer
ReadFile
DeviceIoControl
GetDiskFreeSpaceExA
GetFileSize
GlobalAlloc
MulDiv
GlobalFree
GetCurrentProcessId
OpenProcess
SetPriorityClass
FormatMessageA
GetCurrentDirectoryA
SetCurrentDirectoryA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
CloseHandle
LocalFree
CreateThread
WaitForSingleObject
CreateFileA
Sleep
OutputDebugStringA
SetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetEnvironmentVariableA
lstrcpynA
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleA
lstrcmpW
lstrcatA
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
lstrcmpA
InterlockedDecrement
GetModuleFileNameA
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
InterlockedIncrement
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
FileTimeToSystemTime
WritePrivateProfileStringA
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle

user32

IsChild
SetFocus
IsWindow
GetFocus
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
MoveWindow
IsWindowEnabled
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetActiveWindow
GetWindowTextA
DestroyMenu
PostQuitMessage
ValidateRect
GetCursorPos
GetMessageA
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
SetCapture
ReleaseCapture
CharNextA
IsRectEmpty
SetRect
CopyAcceleratorTableA
InvalidateRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetTopWindow
RegisterClipboardFormatA
PostThreadMessageA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDesktopWindow
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
DestroyWindow
UnhookWindowsHookEx
MessageBoxA
ClientToScreen
LoadMenuA
ModifyMenuA
GetSubMenu
EnableMenuItem
CheckMenuItem
ShowWindow
LoadBitmapA
PeekMessageA
TranslateMessage
DispatchMessageA
SetTimer
BringWindowToTop
LoadStringA
KillTimer
UpdateWindow
GetCursor
LoadCursorA
SetCursor
wsprintfA
UnregisterClassA
GetDlgItem
SetWindowTextA
GetSystemMetrics
LoadIconA
GetClientRect
IsIconic
GetSystemMenu
PostMessageA
AppendMenuA
DrawIcon
SendMessageA
EnableWindow
DrawFocusRect
FrameRect
FillRect
InflateRect
CopyRect
CharUpperA
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetMessageTime
GetMessagePos
MapWindowPoints
PtInRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount

gdi32

SetBkColor
SetTextColor
GetClipBox
GetObjectA
SaveDC
RestoreDC
SetMapMode
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateSolidBrush
GetStockObject
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
TextOutA
StartDocA
StartPage
EndPage
AbortDoc
EndDoc
GetDeviceCaps

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CreateStreamOnHGlobal
CoInitialize
StgCreateDocfile
StringFromCLSID
CoInitializeEx
CoTaskMemFree
CoCreateInstance
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc

oleaut32

VariantChangeType
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantClear
SysFreeString
VariantInit
SysAllocString
OleLoadPicture
SysAllocStringLen

comctl32

ImageList_Destroy
ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveExtensionA

oledlg

ord8

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comdlg32

GetSaveFileNameA
PrintDlgA
GetFileTitleA
GetOpenFileNameA

Sections

.text
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d26605b4d247f26cc6baaf52a6f811c

Headers

File Characteristics

Imports

winmm

gdiplus

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

oledlg

oleacc

winspool.drv

comdlg32

Sections

.text Size: 228KB - Virtual size: 225KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 228KB - Virtual size: 225KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 40KB - Virtual size: 38KB