2024-03-16_bc9a18c8d8c9ba4e5345b954fbcf2ccb_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-16_bc9a18c8d8c9ba4e5345b954fbcf2ccb_icedid
Size

1.6MB
MD5

bc9a18c8d8c9ba4e5345b954fbcf2ccb
SHA1

85326dbe57cc0204c772d9cd75a6ae80e6c4cce0
SHA256

402de61892b3198994a80f658a77aac92b2735f85daa6f658453b8b0de2444d0
SHA512

b4b9d97826b8e6f3860a392d50fcbbe83abf6fe99713495577dedf75f93947ba23a27fa71139266c94000a401d830979e8f67a82d0c29be3e7d23ee48a0e928e
SSDEEP

24576:+hKR8dU5kwakDBMQ4lav3scRQbKouG7uQZcnZ4u0ZRGsqjnhMgeiCl7G0nehbGZd:4HTXQ4M/sqquzCRKDmg27RnWGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-16_bc9a18c8d8c9ba4e5345b954fbcf2ccb_icedid

Files

2024-03-16_bc9a18c8d8c9ba4e5345b954fbcf2ccb_icedid
.exe windows:5 windows x86 arch:x86

d0c995203fff995ce9e0918727b74d1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
RtlUnwind
HeapReAlloc
RaiseException
ExitProcess
ExitThread
HeapSize
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
HeapFree
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetStartupInfoW
FindResourceW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
FileTimeToLocalFileTime
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
FindResourceExW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedCompareExchange
ExpandEnvironmentStringsA
MoveFileA
FindFirstFileA
CreateEventA
GetFullPathNameA
GetThreadPriority
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GlobalFlags
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
VirtualProtect
GetCurrentThreadId
ResetEvent
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalAlloc
FormatMessageW
LocalFree
lstrlenW
MulDiv
GetModuleHandleA
FreeLibrary
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
GetModuleFileNameW
QueryPerformanceFrequency
GetProcessAffinityMask
GetSystemInfo
QueryPerformanceCounter
GetCurrentProcess
GlobalMemoryStatus
CreateDirectoryA
GetFileAttributesA
SetLastError
InterlockedDecrement
CreateThread
DeleteCriticalSection
CreateEventW
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
Sleep
InitializeCriticalSection
SetEvent
WaitForSingleObject
MultiByteToWideChar
GetComputerNameW
LockResource
CloseHandle
ReleaseMutex
CreateMutexA
GetProcAddress
GetLastError
GetModuleHandleW
GetLocaleInfoA
InterlockedExchange
GetVersionExW
SizeofResource
WideCharToMultiByte
LoadResource
LCMapStringW

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
CharUpperW
ReleaseCapture
SetCapture
UnregisterClassW
DestroyMenu
LoadCursorW
GetSysColorBrush
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
SetCursor
PostQuitMessage
MapDialogRect
GetAsyncKeyState
ShowWindow
MoveWindow
IsDialogMessageW
SetDlgItemInt
GetDlgItemInt
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
GetPropW
RemovePropW
SetFocus
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
GetClientRect
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
DefWindowProcW
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetMenuItemID
GetMenuItemCount
GetSysColor
EndPaint
BeginPaint
RegisterClipboardFormatW
GetWindowDC
ClientToScreen
PostThreadMessageW
SetPropW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
GetSubMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetDC
ReleaseDC
SetWindowLongW
RegisterDeviceNotificationW
UnregisterDeviceNotification
CallWindowProcW
GetActiveWindow
GetForegroundWindow
LoadIconW
SetForegroundWindow
FindWindowW
GetWindowTextW
EnumChildWindows
MessageBoxW
GetDlgCtrlID
SetWindowTextW
EnumDisplaySettingsW
GetSystemMetrics
ScreenToClient
GetWindowRect
WindowFromPoint
InvalidateRect
GetCursorPos
CopyRect
SetTimer
KillTimer
LoadBitmapW
SendMessageW
EnableWindow
MapWindowPoints

gdi32

ExtTextOutW
CreateRectRgnIndirect
GetMapMode
EnumFontFamiliesExW
GetBkColor
GetTextColor
GetRgnBox
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetObjectW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
BitBlt
CreateCompatibleDC
CreateBitmap
GetDeviceCaps
StretchDIBits
Escape

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyW
RegEnumKeyW
RegSetValueExW
RegOpenKeyW
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteW

comctl32

ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoFreeUnusedLibraries
CoTaskMemAlloc
OleInitialize
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy

dsound

ord11
ord12

d3d8

Direct3DCreate8

dinput8

DirectInput8Create

d3d9

Direct3DCreate9

ddraw

DirectDrawCreate

winmm

timeGetTime

Sections

.text
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d0c995203fff995ce9e0918727b74d1c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

dsound

d3d8

dinput8

d3d9

ddraw

winmm

Sections

.text Size: 460KB - Virtual size: 459KB

.rdata Size: 116KB - Virtual size: 116KB

.data Size: 17KB - Virtual size: 390KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 460KB - Virtual size: 459KB

.rdata
Size: 116KB - Virtual size: 116KB

.data
Size: 17KB - Virtual size: 390KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB