2024-03-09_fa6b197ea599645b8dcd6bb25d1bd6dc_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-09_fa6b197ea599645b8dcd6bb25d1bd6dc_icedid
Size

3.9MB
MD5

fa6b197ea599645b8dcd6bb25d1bd6dc
SHA1

cd664f69e35a863b5d4853706c417ea88e85aeb1
SHA256

f3d699bf59bd466b06b3f8c7c6d23e3e7aa7ec519f7791e533e51d5b948050d9
SHA512

f234934ea62d7e1a17e434c6c24a08b23128144220b8fab569f4a7f36d88e2dc8d6eb90c22024614d957448eb0b8ac705443a0235c0fa8774898ac39010a0a22
SSDEEP

98304:eBatQCxB07diGONJCut9eLUFtNvshnFVNOAQawJS:eBatQCxB00Htrrshn9Oy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-09_fa6b197ea599645b8dcd6bb25d1bd6dc_icedid

Files

2024-03-09_fa6b197ea599645b8dcd6bb25d1bd6dc_icedid
.exe windows:5 windows x86 arch:x86

451fb48a9fc2cfd3b225e84ebb92d9ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

kernel32

WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
CreateFileA
WriteFile
CloseHandle
SetCurrentDirectoryA
DeleteFileA
SearchPathA
GetTempPathA
GetLongPathNameA
GetTempFileNameA
CreateDirectoryA
GetLastError
FreeResource
GetModuleHandleA
FreeLibrary
GetSystemInfo
EnumResourceNamesA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GlobalUnlock
GlobalLock
WritePrivateProfileStringA
GetModuleFileNameA
LocalAlloc
LocalFree
InterlockedExchange
RaiseException
lstrlenA
MulDiv
MultiByteToWideChar
CompareStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
VirtualFree
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetStdHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
lstrlenW
GlobalAlloc
ExitProcess
CreateThread
FormatMessageA
GlobalSize
CopyFileA
ExitThread
HeapSize
HeapReAlloc
VirtualQuery
VirtualAlloc
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
RemoveDirectoryA
GetSystemTimeAsFileTime
FindResourceExA
VirtualProtect
GetProfileIntA
GetTickCount
lstrcpyA
GetSystemDirectoryW
LoadLibraryW
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalFree
GlobalFlags
FileTimeToSystemTime
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
SetLastError

user32

FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
SetClassLongA
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
SetWindowRgn
IsZoomed
SetCapture
LockWindowUpdate
UnionRect
SetParent
GetSystemMenu
IsRectEmpty
MapVirtualKeyA
GetKeyNameTextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
WindowFromPoint
KillTimer
SetTimer
UnpackDDElParam
ReuseDDElParam
LoadMenuA
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
DeleteMenu
ShowOwnedPopups
InvalidateRect
SetRectEmpty
CharUpperA
DestroyIcon
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMessageA
GetActiveWindow
ValidateRect
GetDesktopWindow
ClientToScreen
DestroyMenu
GetMenuItemInfoA
InflateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetUpdateRect
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetDC
ReleaseDC
GetSysColorBrush
IsWindowEnabled
MoveWindow
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
EnableWindow
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetMenuDefaultItem
CopyImage
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
GetIconInfo
IsCharLowerA
MapVirtualKeyExA
SubtractRect
PtInRect
GetDlgCtrlID
SendMessageA
CallWindowProcA
GetMenu
GetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetNextDlgGroupItem
GetWindowRgn
DrawIcon
DestroyCursor
LoadBitmapA
MapDialogRect
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ShowWindow
SetWindowPos
DispatchMessageA
TranslateMessage
PeekMessageA
LoadStringA
SetRect
SetWindowLongA
CreateWindowExA
RegisterClassExA
GetSystemMetrics
LoadIconA
DestroyWindow
GetClientRect
EnumDisplaySettingsA
SetMenu
LoadCursorA
SetCursor
SetWindowTextA
MessageBoxA
GetAsyncKeyState
LoadImageA
GetWindowRect
DefWindowProcA
ScreenToClient
GetCursorPos
AppendMenuA
CreatePopupMenu
GetSysColor
PostQuitMessage

gdi32

SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateCompatibleBitmap
CreateRectRgnIndirect
SetRectRgn
CombineRgn
SetTextAlign
DPtoLP
GetBkColor
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateDIBSection
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileA
GetDeviceCaps
PatBlt
DeleteObject

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA

shell32

SHFileOperationA
SHGetFileInfoA
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHAppBarMessage

comctl32

ord17
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveFileSpecW

winmm

PlaySoundA

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoInitializeEx
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleCreateMenuDescriptor

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

451fb48a9fc2cfd3b225e84ebb92d9ae

Headers

DLL Characteristics

File Characteristics

Imports

dinput8

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

winmm

ole32

oleaut32

gdiplus

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 341KB - Virtual size: 341KB

.data Size: 25KB - Virtual size: 61KB

.rsrc Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 341KB - Virtual size: 341KB

.data
Size: 25KB - Virtual size: 61KB

.rsrc
Size: 2.1MB - Virtual size: 2.1MB