2024-03-10_dbad535c66b412a2dac09e49a5b2fe2a_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-10_dbad535c66b412a2dac09e49a5b2fe2a_icedid
Size

416KB
MD5

dbad535c66b412a2dac09e49a5b2fe2a
SHA1

ec6c8b6392fb0e3919d2e659a8f40be89f202f99
SHA256

b2130a307416ec78794770609a6771ccdc69ab9c712a5f56177fcc893faeabe3
SHA512

94aaf563987ed1361d4a16c17da5f13187b0648424f965807897efdca6c217fd9b8d611237b7a5138f6fbb8446c0a65793da5f541b0811245d57c2a744d7ea5a
SSDEEP

6144:bNr57wIw1YO93KTVSV+3TxVCgxk2FQuoqYE0DpBrrjyoOu663dJsuf:bcv1YO93qVSOTqgxk2S9qev7k6wu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-10_dbad535c66b412a2dac09e49a5b2fe2a_icedid

Files

2024-03-10_dbad535c66b412a2dac09e49a5b2fe2a_icedid
.exe windows:4 windows x86 arch:x86

706d8390dcfc3ae23dfa12dd4d8f86ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapReAlloc
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
CreateThread
ExitThread
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
HeapAlloc
HeapFree
GetTickCount
GetCurrentDirectoryA
GetOEMCP
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetFileTime
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
lstrcpynA
GlobalLock
GlobalUnlock
MulDiv
GetProcAddress
SetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrcatA
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GetModuleHandleA
SetFilePointer
WinExec
GetDiskFreeSpaceA
GetLogicalDriveStringsA
GetDriveTypeA
CreateProcessA
SetErrorMode
CreateDirectoryA
GetFileAttributesA
CreateFileA
CloseHandle
ReadFile
WriteFile
FlushFileBuffers
SizeofResource
GetLastError
FreeResource
FindResourceA
LoadResource
LockResource
lstrcmpiA
CompareStringA
CompareStringW
GetCPInfo
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
lstrlenA
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetFileType

user32

ReleaseCapture
SetWindowContextHelpId
MapDialogRect
wsprintfA
CreateDialogIndirectParamA
EndDialog
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
MessageBoxA
TrackPopupMenu
SetForegroundWindow
PostThreadMessageA
UpdateWindow
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
CallWindowProcA
SetWindowPos
GetWindowPlacement
GetWindow
DefWindowProcA
GetDlgCtrlID
GetKeyState
GetCursorPos
IsChild
GetCapture
DeferWindowPos
SetRectEmpty
IntersectRect
EndPaint
BeginPaint
GetWindowDC
UnregisterClassA
GetMenuStringA
DestroyMenu
KillTimer
SetTimer
ScreenToClient
PtInRect
LoadCursorA
CopyIcon
IsWindow
GetMessagePos
MessageBeep
SetWindowLongA
LoadIconA
IsIconic
GetSystemMenu
DrawIcon
GetWindowLongA
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
DrawFocusRect
DrawStateA
FrameRect
OffsetRect
RegisterClipboardFormatA
SetParent
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
InflateRect
LoadImageA
GetIconInfo
CreateIconIndirect
SendMessageA
PostMessageA
SetCursor
IsMenu
DestroyCursor
EnableWindow
GetDesktopWindow
ReleaseDC
GetDC
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuState
SetCapture
LockWindowUpdate
IsWindowVisible
GetDCEx
GetMenuItemID
GetMenuItemCount
AppendMenuA
DeleteMenu
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
TabbedTextOutA
DrawEdge
LoadBitmapA
GetSysColorBrush
FillRect
CopyRect
SetRect
GetSystemMetrics
DrawTextA
DrawIconEx
DestroyIcon
CharUpperA
SystemParametersInfoA
GetSysColor
GetMenuItemInfoA

gdi32

ExtSelectClipRgn
CreatePatternBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
StretchDIBits
GetCharWidthA
CreateFontA
GetBkColor
GetTextColor
GetRgnBox
SetBkMode
RestoreDC
SaveDC
RoundRect
CreateRectRgn
CreateBrushIndirect
GetTextExtentPointA
CreatePenIndirect
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
GetTextExtentPoint32W
Escape
GetTextExtentPoint32A
ExtTextOutA
TextOutA
SetPixel
GetPixel
PatBlt
Rectangle
Ellipse
RectVisible
PtVisible
GetBkMode
GetDeviceCaps
GetObjectA
CreateCompatibleBitmap
CreateFontIndirectA
CreateHatchBrush
CreatePen
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
CreateSolidBrush
DeleteObject
DeleteDC
SetMapMode

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
ShellExecuteExA
DragAcceptFiles
DragQueryFileA

comctl32

ImageList_AddMasked
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
_TrackMouseEvent
ImageList_Destroy
ImageList_Create
ord17
ImageList_GetImageCount

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
CoInitialize
CoUninitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

SysFreeString
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit

winmm

PlaySoundA

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

706d8390dcfc3ae23dfa12dd4d8f86ca

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

winmm

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 32KB - Virtual size: 30KB