Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-20_a9d331bbf186665e6dd36573f9906fed_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-20_a9d331bbf186665e6dd36573f9906fed_icedid.exe
  Resource: win10v2004-20240226-en
General
- Target: 2024-03-20_a9d331bbf186665e6dd36573f9906fed_icedid
- Size: 584KB
- MD5: a9d331bbf186665e6dd36573f9906fed
- SHA1: c8d0a59fa598ba5cb5377ca26eab79c30191b139
- SHA256: 87285f154a45be9e63b437d44b7ee5e4e5a343a72479a23f6e83a0d03c365b78
- SHA512: 94e6688c3da033f439f018cbcf6b02e908df48d93b0635da7dc9e9a0940dd3d521377617acdf0a508ec968f5e700cf3cbcf65bd6169d591b2c0bde85673e31d0
- SSDEEP: 6144:NbN7W1OFw1ialXoxrrYK5v8tCy3e9awS3ImulQSbv1bVDn52h5FkUM+UD53+iWBk:NbNCWvO1JZuQC9BDnS5mUM1D5h
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2024-03-20_a9d331bbf186665e6dd36573f9906fed_icedid
Files
- 2024-03-20_a9d331bbf186665e6dd36573f9906fed_icedid.exe  windows:4 windows x86 arch:x86
  430600fa5c01ca0634eb7d7ca9ce07e9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shfolder
SHGetFolderPathW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
kernel32
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetShortPathNameW
CreateFileW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetErrorMode
GetVersionExW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
HeapReAlloc
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
UnlockFile
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
MoveFileW
GetCurrentDirectoryW
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
lstrlenA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetModuleHandleA
GlobalGetAtomNameW
GetDiskFreeSpaceW
GetFullPathNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetPrivateProfileIntW
CloseHandle
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
GetCurrentProcessId
InterlockedDecrement
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
lstrlenW
MulDiv
WideCharToMultiByte
FindFirstFileW
FindClose
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetModuleFileNameW
CallNamedPipeW
FormatMessageW
LocalFree
GetTempPathW
GetTempFileNameW
DeleteFileW
Sleep
GetTickCount
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
MultiByteToWideChar
GetPrivateProfileSectionNamesW
GetWindowsDirectoryW
CreateDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcpynW
FreeEnvironmentStringsW
user32
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowDC
BeginPaint
EndPaint
GetSysColorBrush
UnregisterClassW
CharUpperW
CharNextW
CopyAcceleratorTableW
SetRect
InvalidateRgn
SetCapture
GetNextDlgGroupItem
WindowFromPoint
GetDCEx
LockWindowUpdate
RegisterClipboardFormatW
PostThreadMessageW
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorW
InvalidateRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
SetTimer
KillTimer
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
ReleaseDC
GetDC
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
UnpackDDElParam
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
TrackPopupMenu
SetForegroundWindow
IsWindowVisible
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
AppendMenuW
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
SendDlgItemMessageW
CreatePopupMenu
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetKeyState
GetWindowRect
IsZoomed
IsIconic
OffsetRect
CopyRect
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
LoadStringW
OpenClipboard
ClientToScreen
PostMessageW
LoadMenuW
GetSubMenu
IsClipboardFormatAvailable
UpdateWindow
LoadCursorW
SetCursor
MessageBeep
EnableWindow
GetParent
GetFocus
GetClientRect
SendMessageW
LoadIconW
DestroyIcon
MapWindowPoints
UnregisterClassA
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
ScaleViewportExtEx
OffsetViewportOrgEx
CreateSolidBrush
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetViewportExtEx
CreateRectRgn
SelectClipRgn
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
SetTextColor
GetClipBox
GetDeviceCaps
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
StretchDIBits
DeleteDC
CreateFontW
GetCharWidthW
DeleteObject
GetTextMetricsW
SelectObject
CreateCompatibleBitmap
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetObjectW
SetBkColor
GetViewportExtEx
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
GetFileSecurityW
SetFileSecurityW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyW
shell32
SHGetFileInfoW
ExtractIconW
DragQueryFileW
DragFinish
ShellExecuteW
shlwapi
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoRevokeClassObject
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
oleaut32
SysAllocString
OleCreateFontIndirect
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringLen
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
ws2_32
WSACleanup
WSASetLastError
getsockopt
WSAAsyncSelect
socket
ioctlsocket
htons
connect
setsockopt
select
__WSAFDIsSet
inet_addr
gethostbyname
WSAGetLastError
htonl
recv
closesocket
send
WSAStartup
Sections
.text   Size: 388KB - Virtual size: 385KB
        IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 100KB - Virtual size: 98KB
        IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 16KB - Virtual size: 29KB
        IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 76KB - Virtual size: 72KB
        IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ