Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-29_a2f30301381c8108e2539161f149a8a7_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-29_a2f30301381c8108e2539161f149a8a7_icedid.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-03-29_a2f30301381c8108e2539161f149a8a7_icedid
Size: 2.1MB
MD5: a2f30301381c8108e2539161f149a8a7
SHA1: 6f5e3fd77492bac7967f7d4ed508eb5cb6920df5
SHA256: 11042253d5f65e74c8d1d2ae33f07eaa9d5449974046f52dce6111e4856552c2
SHA512: b772e83e465a546c3eb67c8a185da594d290cd5386c39f583c9fd21b0669006b1cdda87b0f7afb3d1c5df4d94a7e24f7a9a4f6a92700cf7bd5948f6447fbaeb5
SSDEEP: 24576:SzjWk5rdTGiLPmV5LvWH2inPcGRkETbVppevH1N3Dj9D9VHTmxvGbwxDGb:StPc5LvWHEGRkmppevH33DjZ9VHVP
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-03-29_a2f30301381c8108e2539161f149a8a7_icedid
Files
- 2024-03-29_a2f30301381c8108e2539161f149a8a7_icedid.exe  windows:4  windows x86  arch:x86
249b34622094a104c89445b2776c89cc
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
msimg32
AlphaBlend
TransparentBlt
avifil32
AVIStreamWrite
AVIFileRelease
AVIFileInit
AVIFileOpenA
AVIFileCreateStreamA
AVIMakeCompressedStream
AVIStreamSetFormat
AVIStreamRelease
AVIFileExit
msvfw32
ICClose
ICSendMessage
ICOpen
ICGetInfo
ICInfo
ICSeqCompressFrameStart
ICSeqCompressFrame
ICSeqCompressFrameEnd
msacm32
acmStreamOpen
acmDriverOpen
acmStreamPrepareHeader
acmStreamSize
acmDriverEnum
acmStreamConvert
acmFormatChooseA
acmMetrics
acmStreamUnprepareHeader
acmStreamClose
acmDriverClose
acmDriverDetailsA
kernel32
LeaveCriticalSection
EnterCriticalSection
GlobalFlags
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
WritePrivateProfileStringA
GetFullPathNameA
GetTickCount
RtlUnwind
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
GetFileType
HeapReAlloc
ExitProcess
ExitThread
CreateThread
TerminateProcess
SetStdHandle
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
DuplicateHandle
UnlockFile
CreateProcessA
GetExitCodeProcess
LockFile
DeleteFileA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetFileTime
GetFileAttributesA
lstrcpyA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
SuspendThread
SetEvent
GetCurrentThreadId
ResumeThread
SetThreadPriority
SetLastError
MulDiv
GlobalAlloc
lstrcpynA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
DeviceIoControl
CreateEventA
ResetEvent
WaitForSingleObject
FreeLibrary
FlushFileBuffers
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
FindNextFileA
FindClose
GetLogicalDrives
GetLogicalDriveStringsA
GetDriveTypeA
SetCurrentDirectoryA
RemoveDirectoryA
GetDiskFreeSpaceExA
CreateFileA
GetFileSize
CloseHandle
CreateDirectoryA
GetCurrentDirectoryA
CopyFileA
GetVolumeInformationA
SetPriorityClass
GetCurrentProcess
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetPrivateProfileStringA
Sleep
CreateMutexA
GetTempPathA
FindFirstFileA
LoadLibraryA
GetProcAddress
MoveFileA
GetLastError
FormatMessageA
LocalFree
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
user32
PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
SetRect
IsRectEmpty
SetCapture
CharNextA
LoadCursorA
GetSysColorBrush
WindowFromPoint
SetCursor
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
IntersectRect
GetWindowPlacement
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowsHookExA
CallNextHookEx
IsWindowVisible
GetKeyState
ValidateRect
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
SetFocus
ShowWindow
GetSystemMetrics
LoadBitmapA
EnableMenuItem
GetSubMenu
LoadMenuA
PostMessageA
ClientToScreen
KillTimer
SendMessageA
EnableWindow
SetTimer
ReleaseCapture
DrawIcon
GetMenu
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetMenuStringA
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
PeekMessageA
TranslateMessage
DispatchMessageA
GetMessageA
TrackMouseEvent
InvalidateRgn
FrameRect
FillRect
OffsetRect
CopyRect
EnumWindows
GetWindowLongA
ExitWindowsEx
DrawIconEx
GetAsyncKeyState
SetWindowLongA
GetActiveWindow
ScreenToClient
RegisterWindowMessageA
DrawAnimatedRects
FindWindowA
IsIconic
GetClientRect
LoadIconA
wsprintfA
MessageBoxA
PtInRect
InvalidateRect
AppendMenuA
GetSystemMenu
GetWindowRect
GetParent
GetWindow
GetMenuItemCount
GetMenuItemID
ModifyMenuA
GetTopWindow
IsChild
InflateRect
GetFocus
GetSysColor
LoadImageA
CharUpperA
UnregisterClassA
SystemParametersInfoA
SetActiveWindow
SetParent
SetForegroundWindow
IsWindow
SetMenuDefaultItem
TrackPopupMenu
GetCursorPos
EnumChildWindows
GetClassNameA
GetDC
gdi32
SetBkMode
SetBkColor
RestoreDC
SaveDC
StretchBlt
DPtoLP
GetMapMode
CreateCompatibleBitmap
CreateBitmap
GetTextColor
GetBkColor
CreatePen
GetTextExtentPointA
BitBlt
RoundRect
SelectObject
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
CreateBrushIndirect
CreateSolidBrush
GetDeviceCaps
GetStockObject
GetObjectA
CreateCompatibleDC
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
DeleteObject
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
GetRgnBox
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExA
RegConnectRegistryA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
shell32
SHGetMalloc
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA
DragQueryFileA
SHFileOperationA
SHAppBarMessage
comctl32
_TrackMouseEvent
ImageList_Destroy
ord17
ImageList_Create
ImageList_AddMasked
ole32
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
CoInitialize
CoCreateInstance
OleRun
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
VariantCopy
SysStringLen
SafeArrayDestroy
OleCreateFontIndirect
SystemTimeToVariantTime
DispGetParam
VariantClear
VariantChangeType
VariantInit
GetErrorInfo
SysStringByteLen
SysAllocString
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
oledlg
ord8
Sections
.text   Size: 708KB - Virtual size: 706KB   Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 252KB - Virtual size: 248KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 104KB - Virtual size: 4.3MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.0MB - Virtual size: 1.0MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ