2024-03-13_4db9ad86ff8afddb2d885b179f693b7a_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-13_4db9ad86ff8afddb2d885b179f693b7a_icedid
Size

1.2MB
MD5

4db9ad86ff8afddb2d885b179f693b7a
SHA1

1077a5671422cee95957c387adbfe98bcad1c826
SHA256

f2c89fea68763553a4708c5af7910ec5bd7184a105c5409103481d59f38742b1
SHA512

d621ffec14c2019e45893f20618db85c16822c7bd8053e3e2f5c85c96420303b0e3d19f4cfdc40ccc2841663021df79efaebdc8edeec0c6e51f1db0e1dbc660c
SSDEEP

24576:7DluvcHBrjizwC7CMeQ9IRCpqiXfMS/Sb+4V:HlE6jrQ9I48iPMSab

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-13_4db9ad86ff8afddb2d885b179f693b7a_icedid

Files

2024-03-13_4db9ad86ff8afddb2d885b179f693b7a_icedid
.exe windows:4 windows x86 arch:x86

a96069e74aafd84e65f37885a1fad1d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
GetConsoleCP
GetConsoleMode
CreateDirectoryW
ExitProcess
SetEnvironmentVariableW
SetCurrentDirectoryW
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
HeapAlloc
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTimeZoneInformation
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
HeapFree
GetFileTime
FileTimeToLocalFileTime
SetErrorMode
GetFullPathNameW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DeleteFileW
GetCurrentDirectoryW
WritePrivateProfileStringW
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GlobalFlags
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetVersionExW
GetTickCount
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetModuleHandleA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GlobalFree
FormatMessageW
LocalFree
MulDiv
lstrlenW
GetLastError
SetLastError
GlobalLock
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetVolumeInformationW
GetFileAttributesW
GlobalAlloc
GlobalUnlock
CreateFileW
WriteFile
CloseHandle
FindResourceW
LoadResource
LockResource
GetFileType
SizeofResource

user32

GetSysColorBrush
UnregisterClassW
MessageBeep
SetRect
CharUpperW
PostThreadMessageW
CharNextW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
IsWindowVisible
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
DefWindowProcW
CallWindowProcW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndPaint
GetWindowDC
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnhookWindowsHookEx
GetMenuStringW
GetMenuItemID
GetFocus
SetWindowPos
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
GetWindow
GetAsyncKeyState
EnableScrollBar
SetScrollRange
SetScrollPos
GetDesktopWindow
KillTimer
SetTimer
LoadAcceleratorsW
IsClipboardFormatAvailable
GetCursorPos
GetSystemMetrics
LoadIconW
SetForegroundWindow
SetClipboardViewer
ChangeClipboardChain
RedrawWindow
UpdateWindow
IsIconic
DrawMenuBar
GetMenu
RemoveMenu
ModifyMenuW
InsertMenuW
GetMenuState
GetMenuItemCount
EnableMenuItem
CheckMenuItem
DeleteMenu
DrawIcon
LoadBitmapW
TranslateAcceleratorW
GetKeyState
LockWindowUpdate
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
SystemParametersInfoW
wsprintfW
GetClipboardFormatNameW
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamW
EndDialog
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
CloseClipboard
RegisterClipboardFormatW
GetWindowThreadProcessId
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
BeginPaint
RegisterWindowMessageW
LoadCursorW
DestroyMenu
LoadMenuW
DestroyCursor
GetSysColor
GetSubMenu
TrackPopupMenuEx
PostMessageW
SetCursor
GetWindowLongW
EnableWindow
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SendMessageW
DrawFocusRect
FrameRect
FillRect
OffsetRect
InflateRect
CopyRect
GetDC
ReleaseDC
DrawStateW
DestroyIcon
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePen
CreateRectRgnIndirect
ScaleViewportExtEx
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
MoveToEx
LineTo
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetClipBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateFontW
CreateSolidBrush
CreateFontIndirectW
StretchBlt
GetDeviceCaps
CreateDIBSection
GetObjectW
CreateCompatibleBitmap
GetPixel
SetPixel
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteExW
DragQueryFileW

comctl32

_TrackMouseEvent

shlwapi

PathFindExtensionW
PathStripToRootW
PathFindFileNameW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 588KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a96069e74aafd84e65f37885a1fad1d2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 588KB - Virtual size: 584KB

.rdata Size: 124KB - Virtual size: 122KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 520KB - Virtual size: 519KB

.text
Size: 588KB - Virtual size: 584KB

.rdata
Size: 124KB - Virtual size: 122KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 520KB - Virtual size: 519KB