Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-11_0354204973e9de0996925fb9db12c786_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-11_0354204973e9de0996925fb9db12c786_icedid.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-11_0354204973e9de0996925fb9db12c786_icedid
Size: 701KB
MD5: 0354204973e9de0996925fb9db12c786
SHA1: 97f0a0dccd240ff4414480bd0954ff608507df17
SHA256: 1686c6b39cd1a88d9811dccd75ff54bef0c12a8713e17bb337396cb925601eec
SHA512: b82238605faa93acc09747037b6022f2cd84ea364c33cbc91bb7cd21cf7a1044a35a8b13ec1f30a7422e5963eeb0fee6bd1003af7ccfa4ba5ce22000c591968c
SSDEEP: 12288:CB5fWL5pWUGFvYELRknj6/tDumaIuBbZo2iWry8IDwF8KFLH7j7:iFvYmknj6x8Iu5ZNIsF8KNH7
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2024-03-11_0354204973e9de0996925fb9db12c786_icedid
Files
2024-03-11_0354204973e9de0996925fb9db12c786_icedid.exe windows:4 windows x86 arch:x86
fd3bdef41611dc7feeeb176e1c7c9526
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitThread
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetTimeZoneInformation
GetSystemTime
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
CreateFileA
GetCPInfo
TerminateProcess
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
RaiseException
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
ExitProcess
GetStartupInfoW
CopyFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesW
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
lstrcmpiW
GetThreadLocale
InterlockedExchange
MoveFileExW
ReleaseMutex
SetProcessWorkingSetSize
GetFileSizeEx
ResetEvent
CreateDirectoryW
GetLongPathNameW
OutputDebugStringW
SetEnvironmentVariableW
GetEnvironmentVariableW
GetCurrentProcessId
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
FormatMessageW
LocalFree
CreateEventW
ResumeThread
SetEvent
lstrcmpW
OpenThread
QueryPerformanceCounter
GetSystemDirectoryA
CreateEventA
TryEnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentThread
lstrcpynW
SetLastError
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
LoadLibraryA
GetVersion
lstrcatW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GlobalFree
GetFileAttributesExW
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
lstrlenA
WritePrivateProfileStringW
GetVersionExW
FreeLibrary
WaitForSingleObject
lstrcpyW
CreateThread
MultiByteToWideChar
Sleep
GetPrivateProfileStringW
lstrlenW
GetPrivateProfileIntW
GetTempPathW
FindResourceW
SizeofResource
LoadResource
CreateFileW
LockResource
WriteFile
CloseHandle
GetModuleHandleW
LoadLibraryW
GetProcAddress
DeleteFileW
SetUnhandledExceptionFilter
GetTickCount
CreateMutexW
GetLastError
GetModuleFileNameW
IsValidLocale
user32
GetSysColorBrush
GetDesktopWindow
GetClassNameW
CharUpperW
MapDialogRect
SetWindowContextHelpId
GetMessageW
TranslateMessage
ValidateRect
WindowFromPoint
DestroyMenu
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageW
DispatchMessageW
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
UnregisterClassW
GetCapture
WinHelpW
RegisterClassW
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
GetKeyState
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
CharNextW
CopyAcceleratorTableW
SetRect
GetNextDlgGroupItem
MessageBeep
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetParent
GetWindowLongW
GetDlgItem
DestroyIcon
RegisterClipboardFormatW
ClientToScreen
SystemParametersInfoW
DrawIconEx
GetWindowRect
PtInRect
PostQuitMessage
GetCursorPos
SetForegroundWindow
LoadMenuW
GetSubMenu
IsWindowVisible
KillTimer
IsWindowEnabled
GetClassInfoW
FindWindowW
SetTimer
LoadIconW
LoadImageW
PostMessageW
PostThreadMessageW
wsprintfW
LoadStringW
MessageBoxW
LoadCursorW
SetCursor
InvalidateRect
LoadBitmapW
OffsetRect
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuW
SendMessageW
ShowWindow
MoveWindow
GetFocus
gdi32
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetMapMode
GetWindowExtEx
DPtoLP
GetTextColor
GetBkColor
LPtoDP
GetViewportExtEx
BitBlt
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
DeleteObject
CreateSolidBrush
StretchBlt
CreateCompatibleBitmap
GetDeviceCaps
CreateFontW
GetObjectW
CreateCompatibleDC
SelectObject
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
shell32
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteExW
comctl32
_TrackMouseEvent
ord17
oledlg
OleUIBusyW
ole32
CoTaskMemFree
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoInitialize
OleInitialize
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
olepro32
ord251
ord253
oleaut32
SysStringLen
SysAllocString
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
msimg32
TransparentBlt
shlwapi
PathFileExistsW
PathFindFileNameW
version
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeA
ws2_32
ntohs
ntohl
send
accept
WSACloseEvent
connect
WSAEventSelect
recv
listen
gethostname
gethostbyname
closesocket
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSACreateEvent
select
inet_ntoa
WSAStartup
WSACleanup
bind
htons
htonl
setsockopt
ioctlsocket
WSAGetLastError
socket
sendto
inet_addr
recvfrom
__WSAFDIsSet
Sections
.text Size: 412KB - Virtual size: 410KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cfftq Size: 8KB - Virtual size: 4KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 84KB - Virtual size: 82KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE