Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-26_1fa93d87eb53442be7c3e3552803359e_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-26_1fa93d87eb53442be7c3e3552803359e_icedid.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-03-26_1fa93d87eb53442be7c3e3552803359e_icedid
Size: 1.0MB
MD5: 1fa93d87eb53442be7c3e3552803359e
SHA1: b1352433e4aadc87de6fa727f71266e3508f8b85
SHA256: d05738e7ef1dfc560cb8b1f6e6a3f397c115372cbdc024fb8b69faeab5c17f58
SHA512: eea1515041c93d2938d1038c8a9bc78abfb344b32117d9062dcda22ce0a7593742e40fd03e86764efb44ea81deef3592afcf84ed0694e2fea4d50b076ee9d030
SSDEEP: 24576:4TNUcJXZiN04fX/KCF4SS84vd3c+un02/U7Ua1:IMLX/KoaRun02c7Ua1
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-03-26_1fa93d87eb53442be7c3e3552803359e_icedid
Files
2024-03-26_1fa93d87eb53442be7c3e3552803359e_icedid.exe
  windows:5 windows x86 arch:x86
1be17e94437bab1f86cd07afe1c106a6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
kernel32
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
SetStdHandle
GetFileType
ExitThread
CreateThread
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
WritePrivateProfileStringW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFileSizeEx
ConvertDefaultLocale
EnumResourceLanguagesW
CompareStringA
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
GetThreadLocale
SuspendThread
SetThreadPriority
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GetCurrentProcessId
GetModuleHandleA
ReleaseSemaphore
CreateSemaphoreW
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
SetLastError
DeviceIoControl
CreateFileA
GetTickCount
GetVersion
GetPrivateProfileIntA
GetPrivateProfileStringA
FlushFileBuffers
ResumeThread
FileTimeToLocalFileTime
GetTimeZoneInformation
GetCurrentThreadId
GetCommandLineW
LoadLibraryExW
lstrcmpiW
RaiseException
LocalFree
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
GetLocaleInfoW
GetFileTime
GetFileAttributesW
FormatMessageW
GetCurrentProcess
GetModuleHandleW
MoveFileExW
GetSystemInfo
GetSystemTime
CreateFileMappingW
CreateEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetFileSize
FindNextFileW
LoadLibraryA
GetProcAddress
HeapAlloc
HeapFree
FreeLibrary
LoadLibraryW
GetCurrentThread
GetTimeFormatW
GetDateFormatW
SetFilePointer
GetLocalTime
CopyFileW
GetSystemDirectoryW
GetWindowsDirectoryW
GetComputerNameW
CreateNamedPipeW
Sleep
ConnectNamedPipe
ReadFile
FindFirstFileW
FindClose
lstrlenW
InterlockedIncrement
InterlockedDecrement
CallNamedPipeW
FileTimeToSystemTime
SystemTimeToFileTime
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetLastError
CreateProcessW
DeleteFileW
WaitForSingleObject
WideCharToMultiByte
GetVersionExW
CloseHandle
CreateFileW
WriteFile
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualFree
user32
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
CopyAcceleratorTableW
ReleaseCapture
SetCapture
UnregisterClassW
LoadCursorW
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
CharUpperW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowLongW
SetWindowPos
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetWindowLongW
GetLastActivePopup
MessageBoxW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharLowerBuffW
CharUpperBuffW
GetSystemMetrics
LoadIconW
RegisterClipboardFormatW
PostThreadMessageW
GetFocus
GetClientRect
IsIconic
CharNextW
EnumDesktopWindows
EnumChildWindows
GetDlgCtrlID
GetParent
IsWindowEnabled
GetWindowTextW
GetWindowThreadProcessId
GetClassNameW
SendMessageW
EnableWindow
IsWindowVisible
PostMessageW
IsWindow
GetDC
FillRect
IntersectRect
IsRectEmpty
PtInRect
GetForegroundWindow
gdi32
DeleteObject
GetWindowExtEx
PtVisible
RectVisible
TextOutW
GetViewportExtEx
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CreateRectRgnIndirect
CreateSolidBrush
GetStockObject
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
SaveDC
RestoreDC
SetBkColor
GetClipBox
SetMapMode
SetTextColor
GetBitmapBits
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
SelectObject
PlayEnhMetaFile
DeleteEnhMetaFile
GetEnhMetaFileW
GetDeviceCaps
ExtTextOutW
comdlg32
GetFileTitleW
winspool.drv
GetJobW
GetPrinterDataW
ClosePrinter
SetPrinterDataW
AddJobW
GetPrintProcessorDirectoryW
EnumJobsW
ScheduleJob
EnumPrintersW
XcvDataW
OpenPrinterW
SetPrinterW
GetPrinterW
EndDocPrinter
WritePrinter
StartDocPrinterW
DocumentPropertiesW
SetJobW
advapi32
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
GetSidLengthRequired
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
RegQueryInfoKeyW
RegDeleteValueW
GetUserNameW
RegQueryValueExW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
LookupAccountNameW
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
shlwapi
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoCreateFreeThreadedMarshaler
CoTaskMemRealloc
OleRun
CoInitialize
StringFromGUID2
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CLSIDFromString
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoGetClassObject
CoTaskMemAlloc
oleaut32
OleCreateFontIndirect
SysAllocStringLen
SafeArrayDestroy
VariantCopy
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VariantInit
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
SysAllocString
SysFreeString
GetErrorInfo
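The import table above is dominated by user32, gdi32, winspool.drv and OLE entry points, with a smaller set of kernel32/advapi32 calls that an analyst would look at first (process creation, named pipes, registry writes, file copy/move/delete, host recon, IsDebuggerPresent). The script below is an added example, not part of the sandbox report: it buckets imports by capability using a tag table of my own choosing, flags the LoadLibrary*/GetProcAddress pair that lets a binary reach APIs absent from the static table, and notes that IsDebuggerPresent next to (Set)UnhandledExceptionFilter is also what a statically linked MSVC CRT imports for its crash path, so on its own it is weak evidence. The import dictionary is a hand-copied subset of the report; the tags are hints for triage, not a verdict.

```python
"""Capability triage of an import table.  Added example, not part of the
sandbox report: buckets imports into analyst-facing groups, checks whether
dynamic API resolution is available, and tests the CRT crash-handler
explanation for IsDebuggerPresent.  Tag table and sample are constructed."""

# Curated name -> tag table (my own choice of names and groups).  UI, GDI and
# printing APIs are left untagged on purpose: they dominate this binary's
# table but carry no triage signal.
CAPABILITIES = {
    "anti-debug":      {"IsDebuggerPresent"},
    "dynamic-resolve": {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExW", "GetProcAddress"},
    "process":         {"CreateProcessW", "TerminateProcess", "OpenProcessToken", "GetTokenInformation"},
    "memory":          {"VirtualAlloc", "VirtualProtect", "VirtualFree", "CreateFileMappingW", "MapViewOfFile"},
    "named-pipe":      {"CreateNamedPipeW", "ConnectNamedPipe", "CallNamedPipeW"},
    "registry":        {"RegCreateKeyExW", "RegSetValueExW", "RegDeleteValueW", "RegDeleteKeyW"},
    "file-ops":        {"CopyFileW", "MoveFileExW", "DeleteFileW", "GetTempPathW", "GetTempFileNameW"},
    "recon":           {"GetComputerNameW", "GetUserNameW", "GetVersionExW", "GetSystemInfo", "GetVolumeInformationW"},
    "device-io":       {"DeviceIoControl"},
    "resources":       {"FindResourceW", "LoadResource", "LockResource", "SizeofResource"},
}
LOADERS = {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExW"}
# Import cluster the MSVC CRT's unhandled-exception path brings in by itself.
CRT_EXCEPTION_PATH = {"IsDebuggerPresent", "UnhandledExceptionFilter", "SetUnhandledExceptionFilter"}

# Constructed subset of the report's import table, hand-copied from above.
SAMPLE_IMPORTS = {
    "kernel32": ["IsDebuggerPresent", "UnhandledExceptionFilter", "SetUnhandledExceptionFilter",
                 "VirtualProtect", "VirtualAlloc", "VirtualFree", "LoadLibraryA", "LoadLibraryW",
                 "GetProcAddress", "CreateProcessW", "CreateNamedPipeW", "ConnectNamedPipe",
                 "CallNamedPipeW", "CreateFileMappingW", "MapViewOfFile", "GetComputerNameW",
                 "GetVersionExW", "CopyFileW", "MoveFileExW", "DeleteFileW", "GetTempPathW",
                 "DeviceIoControl", "FindResourceW", "LoadResource", "LockResource", "SizeofResource"],
    "advapi32": ["OpenProcessToken", "GetTokenInformation", "GetUserNameW", "RegCreateKeyExW",
                 "RegSetValueExW", "RegDeleteValueW", "RegDeleteKeyW"],
    "user32":   ["MessageBoxW", "CreateWindowExW", "SetWindowsHookExW"],
}


def _flat(imports):
    return {func for funcs in imports.values() for func in funcs}


def triage_imports(imports):
    """Return {tag: sorted ["dll!Func", ...]} for every import that has a tag."""
    hits = {}
    for dll, funcs in imports.items():
        for func in funcs:
            for tag, names in CAPABILITIES.items():
                if func in names:
                    hits.setdefault(tag, []).append(f"{dll}!{func}")
    return {tag: sorted(v) for tag, v in sorted(hits.items())}


def dynamic_resolution_possible(imports):
    """True when LoadLibrary* and GetProcAddress are both imported: the static
    table is then only a lower bound on what the binary can call at runtime."""
    flat = _flat(imports)
    return "GetProcAddress" in flat and bool(flat & LOADERS)


def anti_debug_matches_crt_cluster(imports):
    """True when IsDebuggerPresent appears with the rest of the CRT crash-path
    cluster, i.e. the import alone does not establish anti-debugging intent."""
    return CRT_EXCEPTION_PATH <= _flat(imports)


if __name__ == "__main__":
    for tag, funcs in triage_imports(SAMPLE_IMPORTS).items():
        print(f"{tag:16} {', '.join(funcs)}")
    print("dynamic resolution possible:", dynamic_resolution_possible(SAMPLE_IMPORTS))
    print("IsDebuggerPresent explained by CRT cluster:", anti_debug_matches_crt_cluster(SAMPLE_IMPORTS))
```

Run it on a full import dump (for example, the output of a PE parser's import iterator) rather than the hand-copied subset; anything untagged is not cleared, it is simply outside the table, and the dynamic-resolution check is the reason a static import list should never be read as a complete capability inventory.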
Sections
.text   Size: 795KB  Virtual size: 795KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 168KB  Virtual size: 168KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 29KB   Virtual size: 45KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 35KB   Virtual size: 34KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
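The "Unsigned PE" signature, the Headers block and the Sections block above all come from the same few structures in the PE header: the COFF file characteristics, the optional header's DllCharacteristics, the data directory at index 4 (the Authenticode certificate table, whose VirtualAddress is a raw file offset and which is all zeros on an unsigned file), and the section table. The script below is an added example, not code from the sandbox or the sample: a dependency-free parser that recovers exactly those fields from a PE32 or PE32+ image, plus a builder that constructs a header mirroring the flags and section sizes in this report so the parser can run offline. Two points a practitioner would take from the header as listed: only IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE is set, so neither DYNAMIC_BASE (ASLR) nor NX_COMPAT (DEP) is opted in, and with IMAGE_FILE_RELOCS_STRIPPED the image cannot be relocated anyway; and "unsigned" only means the certificate table is empty, which is weak evidence on its own and says nothing about whether a present signature would validate.

```python
"""Minimal PE header inspector for the static facts the report lists:
machine, file/DLL characteristics, section flags and the "Unsigned PE"
check (an empty IMAGE_DIRECTORY_ENTRY_SECURITY).  Added example; the PE
bytes it parses are constructed below, not taken from the analysed sample."""
import struct

IMAGE_FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
IMAGE_DLLCHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",   # ASLR opt-in
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",      # DEP opt-in
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
IMAGE_SCN = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
MACHINES = {0x014C: "x86", 0x8664: "x64"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Authenticode certificate table


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Walk DOS -> COFF -> optional header -> section table and return the
    fields the report shows; raise ValueError on a malformed header."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, = struct.unpack_from("<H", data, opt)
    pe32plus = magic == 0x20B                 # 0x10B = PE32, 0x20B = PE32+
    dll_chars, = struct.unpack_from("<H", data, opt + 70)   # same offset in both
    ndirs_off = opt + (108 if pe32plus else 92)
    ndirs, = struct.unpack_from("<I", data, ndirs_off)
    # The security directory's VirtualAddress is a raw file offset (not an
    # RVA); both fields are zero when the file carries no Authenticode blob.
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, ndirs_off + 4 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": flag_names(sflags, IMAGE_SCN)})
    return {"machine": MACHINES.get(machine, hex(machine)),
            "file_characteristics": flag_names(chars, IMAGE_FILE_CHARACTERISTICS),
            "dll_characteristics": flag_names(dll_chars, IMAGE_DLLCHARACTERISTICS),
            "signed": sec_off != 0 and sec_size != 0,
            "sections": sections}


def build_pe32(chars, dll_chars, sections, security=(0, 0)):
    """Constructed PE32 header (headers only, no code) to exercise parse_pe."""
    opt = bytearray(224)                      # PE32 optional header, 16 dirs
    struct.pack_into("<H", opt, 0, 0x10B)     # Magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)       # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), chars)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0, rs, 0, 0, 0, 0, 0, fl)
                     for n, vs, rs, fl in sections)
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)     # e_lfanew
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Constructed header mirroring the flags and section layout in the report.
SAMPLE_UNSIGNED = build_pe32(
    0x0001 | 0x0002 | 0x0100, 0x8000,
    [(".text", 795 * 1024, 795 * 1024, 0x60000020),
     (".rdata", 168 * 1024, 168 * 1024, 0x40000040),
     (".data", 45 * 1024, 29 * 1024, 0xC0000040),
     (".rsrc", 34 * 1024, 35 * 1024, 0x40000040)])
# Same builder with a fake certificate table entry, as a signed file would carry.
SAMPLE_SIGNED = build_pe32(0x0102, 0x8140, [(".text", 4096, 4096, 0x60000020)],
                           security=(0x1000, 0x800))

if __name__ == "__main__":
    info = parse_pe(SAMPLE_UNSIGNED)
    print("signed" if info["signed"] else "unsigned", info["machine"],
          info["file_characteristics"], info["dll_characteristics"])
    for s in info["sections"]:
        print(f'{s["name"]:8} raw={s["raw_size"]:7} virt={s["virtual_size"]:7} {s["flags"]}')
```

Point `parse_pe` at the bytes of a real file to reproduce the Headers and Sections blocks; the .data section's raw size being smaller than its virtual size, as in the report, is the normal zero-filled tail the loader allocates, not by itself an indicator. A non-empty certificate table only tells you a signature blob exists; verifying it (chain, timestamp, revocation) is a separate step that this check does not perform.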