2024-03-27_b5dc9d391d21450ea5519de33717d728_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-27_b5dc9d391d21450ea5519de33717d728_icedid
Size

788KB
MD5

b5dc9d391d21450ea5519de33717d728
SHA1

5d6d34097062e3c3c388e94373584cbcd342ba82
SHA256

dd44c61976fd25690aaf496a1f84983fdc15479e3842349709d092d5e7cdc24e
SHA512

45bb2b3a6d5c14804c2438e7f995842c4eec95af5cb82530d72d5526c2d551ac66b749286feba4facddb705bb4a3b71df7f30a1a45c517388a3862f5b7333326
SSDEEP

6144:QjjrTP29FIrSkhOCHe1nTh2ps06cgEs/MeJiiG0FMsTlTj2nTD5TZ6r1:QjrPEFIOUInTh2pDUEs/hrlTjEFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-27_b5dc9d391d21450ea5519de33717d728_icedid

Files

2024-03-27_b5dc9d391d21450ea5519de33717d728_icedid
.exe windows:4 windows x86 arch:x86

5b4791d2b75842e8117610f4e5d208e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSACleanup
gethostname

kernel32

RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
ExitThread
HeapAlloc
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapSize
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringW
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
SetErrorMode
CreateFileA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrcmpA
RaiseException
ResumeThread
InterlockedDecrement
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
SetLastError
GlobalFree
MulDiv
GlobalAlloc
lstrcpynA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
CreateThread
CreateNamedPipeA
ConnectNamedPipe
ReadFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
FormatMessageA
LocalFree
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
GetFileAttributesA
GetModuleFileNameA
LoadResource
LockResource
SizeofResource
FindResourceA
GetLastError
WinExec
GetModuleHandleA
GetCurrentProcess
SetPriorityClass
Sleep
lstrlenA
lstrcmpiA
WideCharToMultiByte
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
LCMapStringA
SetCurrentDirectoryA

user32

GetSysColorBrush
ShowOwnedPopups
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ValidateRect
GetMenuItemInfoA
InflateRect
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
CallWindowProcA
GetWindowPlacement
PtInRect
GetMenuState
RegisterWindowMessageA
wsprintfA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
SetCursor
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemA
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
SetMenu
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
TranslateAcceleratorA
SetForegroundWindow
PostMessageA
GetMenuItemID
GetCursorPos
TrackPopupMenu
LoadMenuA
GetSubMenu
SetMenuDefaultItem
GetWindowLongA
SetWindowLongA
DestroyWindow
UnregisterClassA
LoadImageA
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
RegisterClassA
BeginPaint
GetClientRect
EndPaint
DefWindowProcA
MessageBoxA
PeekMessageA
PostQuitMessage
LoadCursorA
DrawIcon
GetWindowRect
GetWindowDC
ReleaseDC
KillTimer
SetTimer
GetSystemMetrics
EnableWindow
SystemParametersInfoA
SendMessageA
LoadIconA

gdi32

CreateSolidBrush
GetTextExtentPoint32A
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetStockObject
Rectangle
DeleteObject
CreateFontIndirectA
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateCompatibleBitmap
GetObjectA
CreateCompatibleDC
BitBlt
DeleteDC
CreatePen
SelectObject

comdlg32

CommDlgExtendedError
PrintDlgA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
QueryServiceStatus
StartServiceA
ControlService
RegOpenKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA

shell32

DragFinish
DragQueryFileA
Shell_NotifyIconA

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

OleUninitialize
OleInitialize
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString

oleaut32

SysAllocString
SysStringLen
SysFreeString
VariantInit
VariantChangeType
GetActiveObject
SystemTimeToVariantTime
VariantClear

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b4791d2b75842e8117610f4e5d208e2

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 408KB - Virtual size: 407KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 284KB - Virtual size: 280KB

.text
Size: 408KB - Virtual size: 407KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 284KB - Virtual size: 280KB