2024-03-26_11e280cf8e3740aca7a34438061356c4_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-26_11e280cf8e3740aca7a34438061356c4_icedid
Size

648KB
MD5

11e280cf8e3740aca7a34438061356c4
SHA1

c7b3acef0cf5f17bea324c072b0a164c87304e02
SHA256

7628037f4e1601aa3942406a9227a3d072c9e201f349e8153c11fafae52863b9
SHA512

3779650b2337f361cf1a6d32424b77d25ac89023fd7744ded0306b2fe569c17c73654c942c2f9f2866f1d25a2dda88477d2bd4730fe11559e729aea2d730ae0c
SSDEEP

12288:i7PjTegueP/eeslmoWQrM6DPSQw4VIvrrsPR8fXKxu:i7LTsePqmofrM6DPSbEIvnsP06c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-26_11e280cf8e3740aca7a34438061356c4_icedid

Files

2024-03-26_11e280cf8e3740aca7a34438061356c4_icedid
.exe windows:5 windows x86 arch:x86

70dcbeaae196b54fab8f9a74104ef425

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

kernel32

GetSystemTimeAsFileTime
RemoveDirectoryA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
VirtualAlloc
HeapReAlloc
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
GetTickCount
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetProcessHeap
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
CreateFileA
WriteFile
CloseHandle
SetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
SearchPathA
GetTempPathA
GetLongPathNameA
GetTempFileNameA
CreateDirectoryA
GetLastError
GetModuleHandleA
GetSystemInfo
EnumResourceNamesA
GetCurrentDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringA
GetModuleFileNameA
LocalAlloc
LocalFree
InterlockedExchange
RaiseException
lstrlenA
MultiByteToWideChar
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalFlags
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
SetLastError
GlobalFree
FormatMessageA

user32

PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ValidateRect
ClientToScreen
DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetDC
ReleaseDC
GetSysColorBrush
IsWindowEnabled
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
GetSysColor
CopyRect
PtInRect
GetDlgCtrlID
SendMessageA
CallWindowProcA
GetMenu
GetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CallNextHookEx
GetClientRect
MessageBoxA
SetRect
GetCursorPos
ScreenToClient
DefWindowProcA
GetWindowRect
LoadImageA
SetWindowTextA
SetCursor
LoadCursorA
SetMenu
EnumDisplaySettingsA
DestroyWindow
LoadIconA
RegisterClassExA
CreateWindowExA
SetWindowLongA
LoadStringA
PeekMessageA
TranslateMessage
DispatchMessageA
GetAsyncKeyState
SetWindowPos
ShowWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetWindow

gdi32

SetMapMode
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RestoreDC
SaveDC
ExtTextOutA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

SHFileOperationA
ShellExecuteA

comctl32

InitCommonControlsEx
ord17

winmm

PlaySoundA

python25

PyRun_StringFlags
PyImport_AddModule
Py_Initialize
PyExc_AttributeError
PyErr_SetString
PyDict_GetItemString
PyDict_SetItemString
_Py_ZeroStruct
_Py_TrueStruct
PyArg_ParseTuple
_Py_NoneStruct
PyList_Size
PyString_Type
PyLong_AsLong
PyLong_Type
PyInt_Type
PyFloat_Type
PyType_IsSubtype
PyList_Type
PyList_SetItem
PyList_New
Py_BuildValue
PyDict_New
Py_InitModule4
PyErr_Occurred
PyErr_Print
PyString_AsString
PyEval_GetBuiltins

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 499KB - Virtual size: 499KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70dcbeaae196b54fab8f9a74104ef425

Headers

DLL Characteristics

File Characteristics

Imports

dinput8

kernel32

user32

gdi32

winspool.drv

shell32

comctl32

winmm

python25

oleaut32

Sections

.text Size: 499KB - Virtual size: 499KB

.rdata Size: 133KB - Virtual size: 132KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 499KB - Virtual size: 499KB

.rdata
Size: 133KB - Virtual size: 132KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 2KB - Virtual size: 2KB