2024-03-27_b0c2ae511a5d553b51bf1772624fc54c_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-27_b0c2ae511a5d553b51bf1772624fc54c_icedid
Size

376KB
MD5

b0c2ae511a5d553b51bf1772624fc54c
SHA1

3639c0197bf94b33d62a0283f18733745b8884ee
SHA256

216e650c52c139aa483aa7ca5ae6b2467bd8aafe1caaa3d95dd72b2fec94ebd7
SHA512

122418bf3d1dede17e721126ea2d5dbdeb5a5b448b6366f3596a8f025c6084523d1e7715770cb14e7349925b418bdd1cd7f688183002f45688c595ebfdca939d
SSDEEP

6144:C7tZwzrhk9gJ5NFJAtSpywXTlaTb+jZAC6/61n2xPRCQAiw7SXv:C7gzVk9grPJAtLwc+jZAC6/61n2x5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-27_b0c2ae511a5d553b51bf1772624fc54c_icedid

Files

2024-03-27_b0c2ae511a5d553b51bf1772624fc54c_icedid
.exe windows:4 windows x86 arch:x86

fcdc2277b29f064e9e9264d69c2fb5d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
SHGetValueA
StrStrIA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

iwh9

GetBandPref_9
GetBands_9
SetRadioStatus_9
IsVendorManagingWirelessAdptr_9
GetRadioStatus_9
GetIntelAdapterHandle_9
EnumPrefNetworks_9
GetPrefNetworkCount_9

iwh10

GetPrefNetworkCount_10
GetAPIVersion_10
GetBandPref_10
GetBands_10
SetRadioStatus_10
IsVendorManagingWirelessAdptr_10
GetRadioStatus_10
GetIntelAdapterHandle_10
EnumPrefNetworks_10

kernel32

GetTickCount
RtlUnwind
HeapAlloc
HeapFree
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
LockFile
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GetFileTime
LeaveCriticalSection
InterlockedIncrement
FindResourceExA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetModuleFileNameA
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
InterlockedDecrement
SetLastError
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
GlobalFree
VirtualProtect
RaiseException
LocalFree
LocalAlloc
CreateMutexA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentDirectoryA
CreateProcessA
GetLastError
DeviceIoControl
CloseHandle
CreateFileA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
GlobalReAlloc
UnlockFile
ExitProcess

user32

PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
SetCapture
DestroyMenu
LoadCursorA
GetSysColorBrush
SetWindowContextHelpId
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsWindow
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
PostMessageA
GetWindowRect
GetParent
EnableWindow
wsprintfA
LoadBitmapA
SetTimer
SendMessageA
LoadImageA
CharUpperA
IsWindowEnabled
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
GetDlgItem
GetWindowLongA
SetFocus
GetFocus
GetAsyncKeyState
SetActiveWindow
GetActiveWindow
GetCapture
ShowWindow
SetWindowPos
MapDialogRect
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
GetWindow
PtInRect
CopyRect
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowLongA
CallWindowProcA

gdi32

GetRgnBox
GetTextColor
GetBkColor
GetMapMode
EnumFontFamiliesExA
DeleteDC
ExtSelectClipRgn
GetStockObject
CreateRectRgnIndirect
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ImageList_AddMasked
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
ImageList_Destroy
ImageList_Create

oledlg

ord8

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

OleCreateFontIndirect
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcdc2277b29f064e9e9264d69c2fb5d6

Headers

File Characteristics

Imports

shlwapi

setupapi

iwh9

iwh10

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 112KB - Virtual size: 108KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 112KB - Virtual size: 108KB