Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-15_a66fff6b0fc9e828498571e98474809d_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-15_a66fff6b0fc9e828498571e98474809d_icedid.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-15_a66fff6b0fc9e828498571e98474809d_icedid
Size: 2.2MB
MD5: a66fff6b0fc9e828498571e98474809d
SHA1: 831f8b1e466517e2ee9264c34a207dd982e3dfdc
SHA256: 29c570d20c91d37b4d3dfcac129a343bae7b2df6bd38eb3a0e2b6ba11b8fcbc1
SHA512: 2bfe48e8583a4041a0d5229807e5307e2693628cd210e28c9d18347ac11cd2e924ea25c6f755c99c21a4c12d30ce99a7360c54c18d701aceaa3756210a44ce86
SSDEEP: 49152:1Yhb42Ic+CZC84NMGrWHDxdncW75GxORtaKedInggIYrxL:3Jc+CZC847rWHDxdnNtTR8K
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 2024-03-15_a66fff6b0fc9e828498571e98474809d_icedid
Files
2024-03-15_a66fff6b0fc9e828498571e98474809d_icedid.exe windows:4 windows x86 arch:x86
d88b57180ba66b8d9a7de559046b0c1a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
agm
ord318
ord59
ord12
ord250
ord58
ord38
ord11
ord17
ord13
ord5
ord24
ord222
ord227
ord198
ord151
ord197
ord16
ord47
ord113
ord356
ord270
ord96
ord85
ord89
ord152
ord99
ord83
ord4
ord367
ord14
ord8
ord6
ord237
ord304
ord72
ord300
ord273
ord313
ord153
ord42
ord147
ord272
ord235
ord236
ord84
ord284
ord319
ord279
ord129
ord119
ord120
ord121
ord249
ord340
ord149
ord9
ord45
ord39
ord36
ord193
ord221
ord368
ord317
ord335
ord325
ord329
ord301
ord44
ord314
ord104
ord260
ord41
ord327
ord326
ord328
ord282
ord305
ord324
ord323
ord321
ord15
ord40
ord25
ord18
ord20
ord3
ord288
ord2
ord37
ord19
ord22
ord130
ord337
ord10
ord21
ord48
ord286
ord285
ord283
ord228
ord229
ord231
ord342
ord344
ord338
ord143
ord63
ord339
ord709
ord116
ord117
ord118
ord230
ord705
ord347
ord702
ord707
ord715
ord708
ord704
cooltype
ord29
ord27
ord26
ord12
ord51
ord8
ord6
ord24
ord23
ord21
ord20
ord7
ord11
ord48
ord32
ord33
ord28
ord25
ord10
ord49
ord30
ord66
ord98
ord31
ord13
ord18
ord69
ord45
ord44
ord61
ord88
ord47
ord87
ord2
ord17
ord86
ord39
ord40
ord38
ord96
ord34
ord95
ord60
ord46
ord41
ord3
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
CloseHandle
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
DeleteFileA
GetSystemInfo
OpenSemaphoreA
CopyFileA
lstrcmpA
GetVersion
GlobalReAlloc
lstrcpynA
GetTickCount
WinExec
GetUserDefaultLCID
SizeofResource
WritePrivateProfileStringA
GetSystemTimeAsFileTime
LockFile
GetLocaleInfoA
MultiByteToWideChar
GlobalAlloc
GlobalLock
GetACP
WideCharToMultiByte
GlobalUnlock
GlobalFree
GetWindowsDirectoryA
lstrcatA
GetPrivateProfileStringA
OpenFile
_lclose
_lread
SetCurrentDirectoryA
GetCurrentDirectoryA
GlobalHandle
FreeResource
GlobalSize
CreateDirectoryA
MulDiv
GetProfileIntA
GetDiskFreeSpaceA
GetEnvironmentVariableA
GetCommandLineA
CreateFileA
SetHandleCount
GetDriveTypeA
_lwrite
GetFileAttributesA
_llseek
GetTempPathA
SetEndOfFile
GetTempFileNameA
SetFileAttributesA
IsValidCodePage
WriteFile
FileTimeToLocalFileTime
CompareFileTime
SystemTimeToFileTime
IsDBCSLeadByte
GlobalGetAtomNameA
_lopen
lstrcpyA
lstrlenA
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
LocalFree
FormatMessageA
SetLastError
GlobalAddAtomA
GetFileTime
lstrlenW
SetFileTime
GetCurrentProcess
GetFullPathNameA
DuplicateHandle
FlushFileBuffers
ReadFile
SetFilePointer
GetPrivateProfileIntA
FindFirstFileA
lstrcmpiA
UnlockFile
MoveFileA
GetVolumeInformationA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
GetCurrentThread
GlobalDeleteAtom
LocalAlloc
InitializeCriticalSection
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetFileSize
LocalFileTimeToFileTime
FileTimeToSystemTime
SetErrorMode
GetProfileStringA
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree
HeapValidate
HeapCompact
GetOEMCP
SetEnvironmentVariableA
GetCPInfo
GetModuleHandleA
ExitProcess
TerminateProcess
GetSystemTime
GetStartupInfoA
GetTimeZoneInformation
RaiseException
GetLocalTime
HeapCreate
HeapSize
HeapDestroy
LCMapStringA
VirtualFree
VirtualAlloc
GetFileType
LCMapStringW
SetStdHandle
CompareStringW
GetStdHandle
IsBadWritePtr
CompareStringA
IsBadCodePtr
GetCurrentProcessId
IsBadReadPtr
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStringTypeA
GetLocaleInfoW
FindNextFileA
FreeLibrary
GetLastError
LockResource
LoadResource
FindResourceA
GetVersionExA
FindClose
GetProcAddress
LoadLibraryA
GlobalMemoryStatus
user32
GetTopWindow
GetWindowTextLengthA
GetWindowTextA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
GetMessageTime
GetMessagePos
OemToCharBuffA
IsZoomed
SetParent
IntersectRect
IsRectEmpty
GetSystemMenu
CharUpperBuffA
CharToOemBuffA
CharUpperA
SetWindowTextA
WinHelpA
GetSubMenu
GetWindowPlacement
ShowOwnedPopups
WindowFromPoint
ScrollWindow
InvalidateRgn
InSendMessage
MapDialogRect
PtInRect
GetDCEx
LockWindowUpdate
InvertRect
GetMenuStringA
PostThreadMessageA
CopyAcceleratorTableA
GetTabbedTextExtentA
CharNextA
RemovePropA
GetUpdateRect
GetUpdateRgn
GetScrollPos
ShowScrollBar
SetScrollInfo
EndDeferWindowPos
CopyRect
IsWindowEnabled
GetActiveWindow
EqualRect
EndPaint
SetCapture
GetPropA
SetPropA
IsChild
SetFocus
GetDoubleClickTime
GetCursor
DeferWindowPos
BeginDeferWindowPos
EnableScrollBar
SetScrollPos
SetScrollRange
CallWindowProcA
GetClassInfoA
GetMenuItemRect
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
DispatchMessageA
GetNextDlgGroupItem
RemoveMenu
InsertMenuA
GetMenu
DestroyMenu
SetMenu
CreateMenu
GetCursorPos
GetSysColorBrush
TabbedTextOutA
SetWindowLongA
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
ValidateRect
IsIconic
DeleteMenu
CreatePopupMenu
AppendMenuA
IsDialogMessageA
LoadCursorA
SetCursor
UnregisterClassA
DrawMenuBar
SetActiveWindow
GetCapture
ReleaseCapture
InflateRect
OemToCharA
DrawIcon
DestroyIcon
RegisterClipboardFormatA
LoadIconA
GetClassNameA
SetRect
OffsetRect
GetWindowLongA
GetWindow
SetTimer
KillTimer
BringWindowToTop
PostMessageA
RegisterWindowMessageA
RegisterClassA
CreateWindowExA
ShowWindow
DestroyWindow
FindWindowA
DefWindowProcA
LoadStringA
SystemParametersInfoA
GetWindowDC
FrameRect
GetDlgItem
GetParent
GetDlgCtrlID
SendDlgItemMessageA
GetSysColor
DrawFocusRect
GetFocus
UpdateWindow
AdjustWindowRectEx
IsWindow
MapWindowPoints
CreateDialogIndirectParamA
SetDlgItemInt
SetDlgItemTextA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
DrawTextA
GrayStringA
wvsprintfA
DefFrameProcA
TranslateMDISysAccel
TranslateAcceleratorA
DefMDIChildProcA
RedrawWindow
GetMessageA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
MessageBeep
LoadBitmapA
BeginPaint
ModifyMenuA
GetKeyboardLayout
GetDesktopWindow
GetDC
ReleaseDC
ActivateKeyboardLayout
GetKeyboardLayoutList
GetAsyncKeyState
GetKeyState
MapVirtualKeyExA
VkKeyScanExA
DdeClientTransaction
DdeDisconnect
DdeConnect
DdeCreateDataHandle
DdeAddData
SetForegroundWindow
PostQuitMessage
DdeGetData
PeekMessageA
DdeFreeStringHandle
DdeCreateStringHandleA
DdeNameService
DdeUninitialize
DdeInitializeA
MessageBoxA
ClientToScreen
IsWindowVisible
SetWindowPos
SetRectEmpty
GetCaretPos
GetClientRect
ScreenToClient
EnableWindow
InvalidateRect
GetSystemMetrics
GetWindowRect
SendMessageA
wsprintfA
FillRect
TranslateMessage
EndDialog
GetNextDlgTabItem
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
ShowCaret
HideCaret
gdi32
Polyline
CreatePolygonRgn
CreateRectRgn
GetPolyFillMode
FillRgn
GetWindowOrgEx
CreatePatternBrush
LineTo
GdiFlush
MoveToEx
SetROP2
CreateFontA
SetWindowOrgEx
RemoveFontResourceA
AddFontResourceA
GetTextMetricsA
CreateDIBitmap
CreatePen
CreatePalette
CreateICA
BitBlt
DeleteDC
CreateDCA
CreateCompatibleDC
GetDIBits
CreateCompatibleBitmap
GetTextExtentPoint32A
LPtoDP
GetTextExtentPointA
SetBkColor
ExtTextOutA
TextOutA
GetDeviceCaps
SetTextColor
EnumFontFamiliesA
EnumFontsA
EnumFontFamiliesExA
ExtEscape
Escape
SelectObject
CreateFontIndirectA
GetObjectA
DeleteObject
SetDIBitsToDevice
CreateSolidBrush
GetStockObject
SetTextAlign
SetBkMode
SelectClipRgn
GetClipRgn
SetRectRgn
GetClipBox
SetMapMode
GetMapMode
CreateBitmap
StretchBlt
RealizePalette
SelectPalette
OffsetRgn
CombineRgn
ResetDCA
GetPaletteEntries
EndPage
StartPage
EndDoc
StartDocA
SetAbortProc
AbortDoc
DPtoLP
DeleteEnhMetaFile
CreateEnhMetaFileA
GetRgnBox
CloseEnhMetaFile
CreateScalableFontResourceA
GetFontData
GetTextFaceA
RestoreDC
SaveDC
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetViewportExtEx
ScaleWindowExtEx
ExcludeClipRect
SetWindowExtEx
IntersectClipRect
GetCurrentPositionEx
GetWindowExtEx
GetViewportExtEx
PtVisible
DeleteMetaFile
CloseMetaFile
RectVisible
PatBlt
CreateRectRgnIndirect
CreateMetaFileA
GetTextAlign
GetTextColor
CopyMetaFileA
GetBkColor
comdlg32
CommDlgExtendedError
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
PrintDlgA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetPrinterDriverDirectoryA
GetPrinterDriverA
EnumJobsA
EnumPrintersA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegDeleteValueA
GetUserNameA
SetFileSecurityA
RegQueryValueA
GetFileSecurityA
shell32
ExtractIconA
SHGetFileInfoA
DragAcceptFiles
DragQueryPoint
FindExecutableA
ShellExecuteA
DragQueryFileA
DragFinish
comctl32
ImageList_Destroy
ord17
oledlg
ord8
ole32
OleLockRunning
StringFromCLSID
DoDragDrop
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
OleIsCurrentClipboard
OleFlushClipboard
CreateDataAdviseHolder
CreateOleAdviseHolder
CreateGenericComposite
OleSaveToStream
WriteClassStm
ReleaseStgMedium
IsAccelerator
OleCreateMenuDescriptor
StgOpenStorage
StgCreateDocfile
CoLockObjectExternal
WriteClassStg
GetRunningObjectTable
CreateFileMoniker
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoDisconnectObject
CreateStreamOnHGlobal
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CLSIDFromProgID
OleRun
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CreateBindCtx
OleTranslateAccelerator
StgOpenStorageOnILockBytes
OleDuplicateData
OleIsRunning
CreateItemMoniker
OleDestroyMenuDescriptor
CoGetClassObject
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgIsStorageFile
oleaut32
SysAllocString
VariantChangeType
VariantClear
OleCreateFontIndirect
SysStringLen
SysStringByteLen
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
mpr
WNetOpenEnumA
WNetGetConnectionA
WNetAddConnection2A
WNetCloseEnum
WNetEnumResourceA
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 131KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 125KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 530KB - Virtual size: 529KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ