Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-15_453b59b25febc2b0c4a12cf917fa4ef1_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-15_453b59b25febc2b0c4a12cf917fa4ef1_icedid.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-03-15_453b59b25febc2b0c4a12cf917fa4ef1_icedid
Size: 956KB
MD5: 453b59b25febc2b0c4a12cf917fa4ef1
SHA1: 4a4e5590871272f4e79057ace83ada7bd5e35e9b
SHA256: e36fd47137d118f1e853953e1bc2ed6584c886cf7922cd2bed92f7ac685d0705
SHA512: 1c946c0549dcad6be797158f6d01cf00743a6b1d41e6d1ea42cdd4c44dcd28d4d1661f25e9a5f020c4524231d0bd407e8210288b199bbc089ceb1a0144a5bced
SSDEEP: 24576:KN8CEr1+o2ltiLaVu6a5ySKSNw6xXnsH8Fqj2Jk:sA+o2eLa86a52SNwr8FqS
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-03-15_453b59b25febc2b0c4a12cf917fa4ef1_icedid
Files
2024-03-15_453b59b25febc2b0c4a12cf917fa4ef1_icedid.exe  windows:4 windows x86 arch:x86
e09ca8d4ef302d6e81dbb52568980226
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
TerminateProcess
HeapSize
QueryPerformanceCounter
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
DebugBreak
HeapCreate
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetDriveTypeA
IsBadCodePtr
SetEnvironmentVariableA
GetDateFormatA
GetTimeFormatA
Sleep
ExitProcess
RtlUnwind
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
SetErrorMode
ReleaseMutex
CreateMutexA
GetDiskFreeSpaceA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
LocalFileTimeToFileTime
FileTimeToLocalFileTime
lstrcmpA
RaiseException
SystemTimeToFileTime
FileTimeToSystemTime
WaitForSingleObject
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
FreeResource
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
lstrcmpiA
GetStringTypeExA
CompareStringA
CompareStringW
GetVersion
GetTickCount
MultiByteToWideChar
lstrlenA
HeapAlloc
GetProcessHeap
HeapFree
GetSystemDirectoryA
CreateDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetSystemInfo
AllocateUserPhysicalPages
VirtualAlloc
FreeUserPhysicalPages
VirtualFree
MapUserPhysicalPages
GetCurrentProcess
FindNextFileA
GetFileSize
GlobalMemoryStatusEx
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
SetFileTime
GetFileTime
IsBadReadPtr
lstrcpyA
MoveFileExA
GetTempPathA
GetTempFileNameA
CreateFileA
CloseHandle
GetCurrentThreadId
GetCurrentProcessId
DeleteFileA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
FindFirstFileA
FindClose
CopyFileA
FormatMessageA
LocalFree
GetLastError
GetFileAttributesA
SetFileAttributesA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetSystemTimeAsFileTime
HeapDestroy
user32
ShowOwnedPopups
PostQuitMessage
DestroyCursor
SetCursorPos
SetCapture
InflateRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
IsZoomed
DestroyMenu
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
WindowFromPoint
ReleaseDC
GetDC
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
MessageBoxA
SetFocus
SendMessageA
GetFocus
EnableWindow
SetCursor
IsWindow
GetWindowRect
GetClientRect
InvalidateRect
GetParent
LoadCursorA
IsWindowVisible
DestroyWindow
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
GetMenu
PostMessageA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
FindWindowA
DrawIcon
SetWindowRgn
SetTimer
KillTimer
GetMenuItemInfoA
GetSysColorBrush
GetDCEx
LockWindowUpdate
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
DestroyIcon
GetClassNameA
RedrawWindow
UpdateWindow
CharUpperA
ShowScrollBar
SetRect
GetSubMenu
LoadMenuA
ClientToScreen
LoadIconA
GetSystemMetrics
wsprintfA
GetMenuItemCount
InsertMenuA
GetMenuItemID
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringA
AppendMenuA
CheckMenuItem
gdi32
GetBkColor
CombineRgn
SetRectRgn
Ellipse
LPtoDP
CreateEllipticRgn
GetTextMetricsA
CreateFontA
GetCharWidthA
StretchDIBits
CreateCompatibleBitmap
GetStockObject
CreateCompatibleDC
RectVisible
CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
PtVisible
GetPixel
BitBlt
CreateRectRgn
SelectClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
DeleteObject
GetObjectA
CreateFontIndirectA
Escape
ExtTextOutA
GetDeviceCaps
GetTextExtentPoint32A
CreateSolidBrush
TextOutA
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
InitializeAcl
LookupPrivilegeValueA
OpenProcessToken
StartServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
ControlService
QueryServiceStatus
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
FreeSid
SetSecurityDescriptorDacl
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegSetValueA
RegOpenKeyA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
AddAccessAllowedAce
AdjustTokenPrivileges
shell32
DragFinish
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteA
ExtractIconA
DragQueryFileA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExA
comctl32
_TrackMouseEvent
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
VarDateFromStr
VarBstrFromDate
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
ws2_32
inet_ntoa
gethostbyname
gethostname
WSAStartup
WSACleanup
dynamca
_MakeRoot@864
_GetRootInfo@16
rpcrt4
UuidToStringA
UuidCreate
RpcStringFreeA
Sections
.text Size: 616KB - Virtual size: 613KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 188KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ