Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-26_49def2f6fa2eaccde5c2499a4e4083d6_icedid.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-03-26_49def2f6fa2eaccde5c2499a4e4083d6_icedid.exe
  Resource: win10v2004-20240226-en
General
- Target: 2024-03-26_49def2f6fa2eaccde5c2499a4e4083d6_icedid
- Size: 1.8MB
- MD5: 49def2f6fa2eaccde5c2499a4e4083d6
- SHA1: dc8a7d873510a47f2ed0ea7dc4b993c8b0d5f525
- SHA256: 29a42b3a0664156eb915ef8a21e6cc9c90fda67bf0c8259404c77688af89c91b
- SHA512: f6013b4ed0b1e2b42e33a70e76538f9470582dae532648a3ac131645fbb3757eca7f598cdb72b68a6b4d8ac21b2c64206582c6937e5cd26063852d67d302b6dc
- SSDEEP: 49152:psWy3IsTXmkRyiAD7hJ7XUG5Xrq52CK69LlGlk1wsEVW6CaMcbn0C1OvoEOLZJ08:py3xTXmkRyiAD7hJ7XUG5Xrq52CK69LG
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-03-26_49def2f6fa2eaccde5c2499a4e4083d6_icedid
Files
-
2024-03-26_49def2f6fa2eaccde5c2499a4e4083d6_icedid.exe windows:4 windows x86 arch:x86
94ad6f4b3d58bc61a7d0a634f1a47061
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
ExitProcess
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
SetEnvironmentVariableA
CreateFileA
RtlUnwind
SizeofResource
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitThread
GetTimeZoneInformation
GetDriveTypeW
GetSystemTimeAsFileTime
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
lstrlenA
InterlockedIncrement
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
FindNextFileW
GlobalFindAtomW
CompareStringW
GetVersionExA
FormatMessageW
LocalFree
FindFirstFileW
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetCurrentProcessId
SuspendThread
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
LoadLibraryExW
CompareStringA
lstrcmpW
GetPrivateProfileIntW
GetModuleHandleA
LoadLibraryA
CreateThread
SetThreadAffinityMask
InterlockedExchange
CopyFileW
lstrcmpiW
GetSystemInfo
SetThreadPriority
TerminateThread
SetEvent
WaitForSingleObject
ResumeThread
MulDiv
CreateEventW
ResetEvent
GlobalDeleteAtom
GlobalGetAtomNameW
ReleaseMutex
CreateMutexW
GlobalAddAtomW
lstrlenW
GetVersionExW
GetVersion
FileTimeToSystemTime
UnmapViewOfFile
WriteFile
SetFileTime
DuplicateHandle
SetFilePointer
DosDateTimeToFileTime
GetFileType
GetCurrentDirectoryW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileStringW
WritePrivateProfileStringW
GetVolumeInformationW
GetLocaleInfoW
CloseHandle
GlobalUnlock
ReadFile
GlobalReAlloc
GlobalLock
GlobalAlloc
GetFileSize
GlobalFree
CreateFileW
GetCurrentProcess
Sleep
CreateDirectoryW
FreeResource
FreeLibrary
GetWindowsDirectoryW
GlobalMemoryStatusEx
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
GetTempFileNameW
LoadLibraryW
GetLastError
SetLastError
GetTempPathW
SetFileAttributesW
GetFullPathNameW
GetModuleFileNameW
RemoveDirectoryW
GetTickCount
MultiByteToWideChar
FindResourceW
DeleteFileW
LoadResource
LockResource
GetDateFormatA
user32
CopyAcceleratorTableW
UnregisterClassW
GetSysColorBrush
CharNextW
FindWindowW
DestroyMenu
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenu
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
CallWindowProcW
SystemParametersInfoA
GetWindowPlacement
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
CharUpperW
GetWindowThreadProcessId
IsWindowEnabled
MessageBoxW
SetWindowsHookExW
CallNextHookEx
InvalidateRgn
GetActiveWindow
ValidateRect
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
ScrollDC
SetCapture
GetKeyState
EqualRect
AnimateWindow
SetWindowPos
LoadBitmapW
EnableScrollBar
GetClassInfoW
GetMenuItemInfoW
DrawIconEx
GetSubMenu
SystemParametersInfoW
GetMenuItemCount
GetMenuItemID
GetKeyNameTextW
MapVirtualKeyW
DrawStateW
GetMessagePos
RedrawWindow
InflateRect
DrawEdge
GetNextDlgGroupItem
ReleaseCapture
GetCapture
WindowFromPoint
DestroyCursor
GetSystemMetrics
SetTimer
UnregisterClassA
BringWindowToTop
CreatePopupMenu
SetActiveWindow
SetForegroundWindow
DrawFocusRect
DrawFrameControl
SetLayeredWindowAttributes
GetWindowLongW
SetWindowLongW
GetWindow
SetCursorPos
ClientToScreen
IntersectRect
UnionRect
SetRectEmpty
OffsetRect
GetCursorPos
IsRectEmpty
GetFocus
PtInRect
LoadImageW
CopyImage
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
MessageBeep
InsertMenuItemW
TranslateAcceleratorW
SetMenu
PostThreadMessageW
RegisterClipboardFormatW
TabbedTextOutW
SetWindowRgn
UpdateWindow
DefWindowProcW
UnpackDDElParam
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
GetMessageW
PostMessageW
LoadIconW
IsIconic
EnableWindow
SendMessageW
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuW
KillTimer
FlashWindow
DestroyIcon
GetWindowRect
LoadCursorW
CopyIcon
PeekMessageW
TranslateMessage
EnumDisplayDevicesW
DispatchMessageW
EnumDisplaySettingsExW
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ScreenToClient
GetDC
wsprintfW
PostQuitMessage
SetRect
ReleaseDC
GetKeyboardLayout
MoveWindow
EnumDisplaySettingsW
IsWindow
GetLastActivePopup
IsWindowVisible
RegisterWindowMessageW
BroadcastSystemMessageW
GetSysColor
CopyRect
SetCursor
ShowWindow
CreateWindowExW
FillRect
InvalidateRect
GetParent
GetWindowTextW
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateEllipticRgn
GetRgnBox
IntersectClipRect
GetClipBox
SetMapMode
SetBkColor
RestoreDC
SaveDC
CreateRectRgnIndirect
GetPixel
FillRgn
PtInRegion
CreatePolygonRgn
GetTextColor
Rectangle
PatBlt
CreateBitmap
GetTextExtentPoint32W
GetTextMetricsW
StretchDIBits
SetBkMode
SetTextColor
Ellipse
LineTo
GetDIBits
GetStockObject
CreateDIBitmap
PtVisible
GetMapMode
LPtoDP
Escape
GetBkColor
DPtoLP
ExtTextOutW
GetViewportExtEx
TextOutW
RectVisible
GetWindowExtEx
CreateRectRgn
CreateSolidBrush
CreateFontW
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CombineRgn
ExtCreateRegion
DeleteObject
GdiFlush
PolylineTo
CreateDIBSection
MoveToEx
SetROP2
SetBitmapBits
SelectObject
CreatePen
GetBitmapBits
SelectClipRgn
GetObjectW
StretchBlt
RealizePalette
SelectPalette
GetDeviceCaps
CreateFontIndirectW
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegQueryValueW
RegOpenKeyW
RegDeleteValueW
RegEnumKeyW
RegSetValueExW
RegCreateKeyExW
OpenProcessToken
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragAcceptFiles
DragFinish
DragQueryFileW
ShellExecuteW
comctl32
ImageList_GetIconSize
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
OleInitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSetContainedObject
OleCreateStaticFromData
ReleaseStgMedium
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
OleUninitialize
CoRegisterMessageFilter
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantInit
VariantCopy
VariantClear
SafeArrayCreateVector
SafeArrayAccessData
VariantChangeType
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayDestroy
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayGetDim
OleLoadPicture
urlmon
URLDownloadToFileW
wininet
DeleteUrlCacheEntryW
ws2_32
inet_addr
recvfrom
WSAGetLastError
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
htons
accept
WSAEnumProtocolsW
WSAEventSelect
ntohs
getsockname
shutdown
setsockopt
sendto
WSACleanup
ioctlsocket
htonl
gethostbyname
closesocket
WSAStartup
inet_ntoa
connect
socket
bind
dsound
ord1
winmm
mmioRead
timeKillEvent
timeSetEvent
mmioAscend
PlaySoundW
mmioClose
mmioDescend
mmioOpenW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
iphlpapi
GetAdaptersInfo
msvfw32
MCIWndRegisterClass
MCIWndCreateW
Sections
Section  Size   Virtual size  Characteristics
.text    1.4MB  1.4MB         IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata   328KB  326KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data    20KB   341KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc    52KB   51KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ