2024-03-20_7736ddd15fd5c977e4d7fe4047e5dd0c_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-20_7736ddd15fd5c977e4d7fe4047e5dd0c_icedid
Size

144KB
MD5

7736ddd15fd5c977e4d7fe4047e5dd0c
SHA1

27a44475753fbb30f7cd72339040e79f7ef2059d
SHA256

aa7c5331c8ec2e8e65fb84bf933738d8809acf63938073af29279e9e5638b3cf
SHA512

d0bbe25a791dbb82e8d86516a84d72af890456875804e501d00d842e49212c477a4db9df5ecd63493fa9208432b96e92d93a4f548bc275706c12adccb2934492
SSDEEP

3072:C8f75fjELfGVZG5jX5lwVcxyuqBUIdrl+uuGjaEbY:Hz5fjE6yZ5yxEuuGuE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-20_7736ddd15fd5c977e4d7fe4047e5dd0c_icedid

Files

2024-03-20_7736ddd15fd5c977e4d7fe4047e5dd0c_icedid
.exe windows:4 windows x86 arch:x86

0c984aa6903f15f7274af26acae69a87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapSize
TerminateProcess
HeapDestroy
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteFile
GetOEMCP
GetCPInfo
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
GetCurrentThreadId
GlobalFlags
lstrcmpA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
RaiseException
SetLastError
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
lstrcmpiA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
SetProcessShutdownParameters
InitializeCriticalSection
CreateThread
DeleteCriticalSection
GetVersion
WaitForSingleObject
GetTickCount
SetEvent
EnterCriticalSection
LeaveCriticalSection
lstrlenW
MultiByteToWideChar
PulseEvent
CreateFileMappingA
MapViewOfFile
CreateMutexA
CreateEventA
UnmapViewOfFile
DeviceIoControl
CloseHandle
SetErrorMode
CreateFileA
GetVolumeNameForVolumeMountPointA
WideCharToMultiByte
lstrlenA
HeapCreate
GetLastError

user32

SystemParametersInfoA
IsIconic
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowPos
SetWindowLongA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
GetKeyState
PeekMessageA
ValidateRect
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
GetClassNameA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
GetMenuState
GetMenuItemID
CharUpperA
CharUpperW
wsprintfA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetMenuItemCount
GetSubMenu
LoadStringA
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
DefWindowProcA
PostQuitMessage
DestroyWindow
PostMessageA
KillTimer
SetTimer
RegisterDeviceNotificationA
UnregisterDeviceNotification
GetWindowTextA
ShowWindow
CreateWindowExA
AdjustWindowRectEx
GetMenu
GetClientRect
SetForegroundWindow
DestroyMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetWindowTextA
GetWindowPlacement

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
CreateBitmap
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
SetSecurityDescriptorDacl
RegQueryValueExA
RegCloseKey
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerExA
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
InitializeSecurityDescriptor

oleaut32

VariantChangeType
VariantClear
VariantInit

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
CM_Get_Parent
CM_Get_Device_IDA
CM_Locate_DevNodeA
SetupDiGetDeviceInstanceIdA

comctl32

ord17

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c984aa6903f15f7274af26acae69a87

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

oleaut32

setupapi

comctl32

oleacc

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 24KB - Virtual size: 23KB