2024-03-16_1ca01f0eb4bcb6dfc105a89f2d73fecc_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-16_1ca01f0eb4bcb6dfc105a89f2d73fecc_icedid
Size

260KB
MD5

1ca01f0eb4bcb6dfc105a89f2d73fecc
SHA1

79b03864b9accd79bbafa851961f7b9e25935308
SHA256

35602676e2cf2ad09f5385bc862ed62865cdbee944955c9bea9fadb04ae27cc5
SHA512

7e04d6d460227866902236404aa936cdb2a2218705d50f076921800d76b391a6100018d7a08e6812df250e0e461ae63c047dffec92d450325c761abb6370ef4c
SSDEEP

6144:raT0J0jKrVYHd3Z/o/3pF6Ube6PtkDIoNaw2u:rpJ2Hd3ZKKUqOksoD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-16_1ca01f0eb4bcb6dfc105a89f2d73fecc_icedid

Files

2024-03-16_1ca01f0eb4bcb6dfc105a89f2d73fecc_icedid
.exe windows:4 windows x86 arch:x86

e58289480604ef7d38c03735e4627a1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Request_Device_EjectW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
CM_Get_DevNode_Status
CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList

kernel32

GetCurrentProcessId
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetThreadLocale
GlobalFlags
GetModuleHandleA
InterlockedExchange
GetLocaleInfoW
GetVersion
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapReAlloc
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
WideCharToMultiByte
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
MultiByteToWideChar
CreateEventW
WaitForSingleObject
CreateThread
FormatMessageW
LocalFree
SetEvent
WaitForMultipleObjects
FindResourceW
LoadResource
LockResource
SizeofResource
GetTickCount
GetProcessHeap
HeapAlloc
HeapFree
GetModuleFileNameW
FindFirstFileW
FindClose
GetVersionExW
GetProcAddress
FreeLibrary
LoadLibraryW
Sleep
CreateFileW
DeviceIoControl
OutputDebugStringW
GetCurrentProcess
GetLastError
CloseHandle

user32

PostQuitMessage
UnregisterClassA
ValidateRect
ClientToScreen
SetWindowTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
IsWindowEnabled
LoadCursorW
GetDC
ReleaseDC
GetSysColorBrush
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
GetClientRect
GetMenu
MessageBoxW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
RegisterDeviceNotificationW
UnregisterDeviceNotification
IsWindow
PostMessageW
EnumWindows
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
GrayStringW
DrawTextExW
DrawTextW
SendMessageW
GetClassNameW
IsWindowVisible
EnumChildWindows
TabbedTextOutW
DestroyMenu
GetFocus
GetSubMenu
GetMenuItemCount
GetMenuItemID
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
GetMenuState
CreateWindowExW

advapi32

CreateProcessAsUserW
RegOpenKeyExW
RegCloseKey
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
SetServiceStatus
DeleteService
CreateServiceW
StartServiceW
ChangeServiceConfigW
OpenSCManagerW
EnumDependentServicesW
OpenServiceW
ControlService
QueryServiceStatusEx
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

gdi32

SetWindowExtEx
GetStockObject
DeleteDC
SetMapMode
RestoreDC
SaveDC
ExtTextOutW
DeleteObject
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e58289480604ef7d38c03735e4627a1b

Headers

File Characteristics

Imports

setupapi

kernel32

user32

advapi32

gdi32

winspool.drv

oleaut32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 312B

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 312B