2024-03-28_e03821ade504de1b7106c3bb74640e72_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-28_e03821ade504de1b7106c3bb74640e72_icedid
Size

2.1MB
MD5

e03821ade504de1b7106c3bb74640e72
SHA1

a1fd32dd5a1c81908252f97928559721ac8a87a3
SHA256

e95e900e9ed12c1c10ed3863d6a2128a3ef1e42194768364aa0b3c4a9509aee1
SHA512

e9ff23af6cd5cd8534cb6c6a8940274d09cff4c508994d6cdddd3ab476af8637e5b0a0930e2baa944109e964d558057731c4d2ed6c62fb3074d9a68b884cc83d
SSDEEP

24576:AYiTSBEMKjFANxPgTLkTaQWzTW//8itatTyd/0Xz3aRvfrNeXQFklHzXAuAfcAZf:AwSMgFGxY8AWH8AtvTNKzXAuAYhm9ttF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-28_e03821ade504de1b7106c3bb74640e72_icedid

Files

2024-03-28_e03821ade504de1b7106c3bb74640e72_icedid
.exe windows:5 windows x86 arch:x86

b9d9167adee27b7ce718c7d0403bd030

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord11

d3d9

Direct3DCreate9

winmm

timeGetTime
timeKillEvent

comctl32

ord17

bass

BASS_Init
BASS_GetVersion
BASS_Free
BASS_Start

gamesg

?TaskSwitching_Enable_Disable@@YGHH@Z
?AltTab2_Enable_Disable@@YGHPAUHWND__@@H@Z
?CtrlAltDel_Enable_Disable@@YGHH@Z

kernel32

GetModuleFileNameW
CreateMutexA
CloseHandle
GetSystemInfo
GetTickCount
GetModuleHandleA
GetVersionExA
lstrlenA
FreeLibrary
SetEvent
WritePrivateProfileStringA
GetPrivateProfileStringA
LoadLibraryA
InitializeCriticalSection
CreateProcessA
GetLastError
GetProcAddress
DeleteCriticalSection
GetModuleFileNameA
Sleep
WaitForSingleObject
HeapFree
GetProcessHeap
HeapAlloc
CreateDirectoryA
GetFileAttributesA
InterlockedExchange
LeaveCriticalSection
EnumResourceLanguagesA
ConvertDefaultLocale
GetLocaleInfoA
GetCurrentThread
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
CompareStringA
GlobalAddAtomA
SetLastError
FreeResource
GlobalFree
GlobalUnlock
GlobalFindAtomA
GlobalGetAtomNameA
lstrcmpW
LocalFree
GetAtomNameA
SetErrorMode
GlobalFlags
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
FlushFileBuffers
SetEndOfFile
GetCPInfo
GetOEMCP
GetModuleHandleW
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
ExitThread
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
HeapValidate
VirtualQuery
GetStdHandle
WriteConsoleW
GetFileType
SetHandleCount
LoadLibraryW
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetStdHandle
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetStringTypeA
GetStringTypeW
HeapSize
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
OpenEventA
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
SizeofResource
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
InterlockedDecrement
InterlockedIncrement
OutputDebugStringW
DebugBreak
WideCharToMultiByte
MultiByteToWideChar
MulDiv
CreateThread
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
QueryPerformanceFrequency
FindResourceA
LoadResource
LockResource
WriteFile
ReadFile
GetFileSize
SetFilePointer
CreateEventA
ResetEvent
OutputDebugStringA
lstrcpynA
SetUnhandledExceptionFilter
lstrcatA
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
IsBadReadPtr
lstrcpyA
EnterCriticalSection
FormatMessageA

user32

CreateWindowExA
RegisterWindowMessageA
GetSysColorBrush
FillRect
DrawTextExA
GrayStringA
CreatePopupMenu
IsMenu
CheckMenuItem
EnableMenuItem
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuItemInfoA
GetSubMenu
InsertMenuItemA
ModifyMenuA
LoadMenuA
PtInRect
ReleaseCapture
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
ReuseDDElParam
UnpackDDElParam
SetRectEmpty
GetClipboardFormatNameA
UnregisterClassA
RegisterClipboardFormatA
InflateRect
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
OffsetRect
IntersectRect
CreateDialogIndirectParamA
DestroyWindow
GetDlgCtrlID
GetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
LoadIconA
GetForegroundWindow
GetClassInfoExA
GetWindow
GetNextDlgTabItem
GetCapture
SetActiveWindow
GetActiveWindow
ShowOwnedPopups
IsWindowVisible
InvalidateRect
UpdateWindow
GetWindowDC
ClientToScreen
MapWindowPoints
BringWindowToTop
IsIconic
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
GetKeyState
CallNextHookEx
SetWindowsHookExA
ValidateRect
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetFocus
TabbedTextOutA
IsWindow
PostQuitMessage
wsprintfA
PostMessageA
MessageBoxA
SetCursor
GetSystemMetrics
GetDC
SendMessageA
FindWindowA
LoadCursorA
SetFocus
MoveWindow
GetTopWindow
GetWindowRect
EndPaint
BeginPaint
GetDlgItem
SetWindowPos
EndDialog
ShowWindow
SetWindowTextA
KillTimer
GetCursorPos
SetRect
GetWindowLongA
WinHelpA
TrackPopupMenu
TrackMouseEvent
keybd_event
GetKeyboardState
ClipCursor
GetClassInfoA
RegisterClassA
GetSysColor
EqualRect
DeferWindowPos
BeginDeferWindowPos
SetForegroundWindow
EndDeferWindowPos
GetClassNameA
DrawTextW
GetIconInfo
AdjustWindowRect
SetMenu
GetClassLongA
ChangeDisplaySettingsA
GetWindowPlacement
SetWindowPlacement
EnumDisplaySettingsA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ScreenToClient
DrawTextA
GetClientRect
GetDesktopWindow
CopyRect
ReleaseDC
AdjustWindowRectEx
GetMenu
SetWindowLongA
SystemParametersInfoA
SetTimer
LoadBitmapA

gdi32

PtVisible
RectVisible
GetPixel
Escape
CreateCompatibleBitmap
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
GetTextExtentPoint32A
SelectObject
CreateFontIndirectA
DeleteObject
CreateFontA
TextOutA
SetTextColor
SetBkMode
GetObjectA
GetDeviceCaps
CreateDIBSection
CreateCompatibleDC
DeleteDC
SetTextAlign
SetBkColor
SetMapMode
BitBlt
ExtTextOutA
GetDIBits
CreateSolidBrush
GetObjectType
GetStockObject
GetClipBox
CreateBitmap
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RestoreDC
SaveDC

advapi32

OpenThreadToken
RevertToSelf
SetThreadToken
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA

oleaut32

VariantInit
VariantChangeType
VariantClear

shlwapi

PathFindFileNameA
PathFindExtensionA

ws2_32

inet_addr
closesocket
htons
gethostbyname
inet_ntoa
WSASocketA
WSAGetLastError
WSAConnect
WSAStartup
WSAAsyncSelect
WSACleanup
WSARecv
send

imm32

ImmGetContext
ImmGetCompositionStringA

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

ole32

CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 30.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 387KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9d9167adee27b7ce718c7d0403bd030

Headers

DLL Characteristics

File Characteristics

Imports

dsound

d3d9

winmm

comctl32

bass

gamesg

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

ws2_32

imm32

oleacc

winspool.drv

ole32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 378KB - Virtual size: 378KB

.data Size: 62KB - Virtual size: 30.5MB

.rsrc Size: 387KB - Virtual size: 386KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 378KB - Virtual size: 378KB

.data
Size: 62KB - Virtual size: 30.5MB

.rsrc
Size: 387KB - Virtual size: 386KB