2024-03-29_4b76c9755413d0e897e6f8e827696c2d_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-29_4b76c9755413d0e897e6f8e827696c2d_icedid
Size

1.4MB
MD5

4b76c9755413d0e897e6f8e827696c2d
SHA1

d2436eaacf9fd93b9d07386be2430bb4e72ef5cc
SHA256

889d9b4585020f8858aaae90d896cd77c3e5226b894c80ba5e35f9b3964ebb74
SHA512

7ca7b4a56d117dc8e22ae064bc584f4336deb80e09c0424e46e35f9e6848cb5a743cd762a58b7d3bdd92ab4c1a6ff81fffdb785c7bd25a4eed222c6a5d6ceaf3
SSDEEP

24576:iAsf5qsFFPpK60U/ZotyZOMVI5kZicz+p:of5VwU/ityZOpkZbS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-29_4b76c9755413d0e897e6f8e827696c2d_icedid

Files

2024-03-29_4b76c9755413d0e897e6f8e827696c2d_icedid
.exe windows:4 windows x86 arch:x86

5c23fe234b5f75580300109948e396d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

bmaframe

CreateBMAFramework
CreateXmlConfigParse

kernel32

UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetStdHandle
HeapSize
VirtualAlloc
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
CompareStringA
CompareStringW
GetDriveTypeA
GetACP
GetOEMCP
SetEnvironmentVariableA
HeapReAlloc
TerminateProcess
HeapFree
HeapAlloc
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
ExitProcess
GetStartupInfoW
GetCurrentDirectoryW
FindResourceExW
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
SizeofResource
GlobalGetAtomNameW
GetDiskFreeSpaceW
SetFileTime
GetTempFileNameW
lstrcmpW
GlobalAlloc
InterlockedExchange
GetProfileStringA
GlobalAddAtomA
FindResourceA
lstrcmpA
lstrcmpiA
GetCurrentThread
MulDiv
GetShortPathNameW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
LoadLibraryW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageW
LocalFree
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
lstrcpynW
lstrcpyW
lstrcatW
IsBadReadPtr
IsBadWritePtr
GetModuleFileNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetFileTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
lstrlenA
FindNextFileW
CreateEventW
EnterCriticalSection
LeaveCriticalSection
ResetEvent
MultiByteToWideChar
Sleep
CreateThread
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileSectionW
WritePrivateProfileSectionW
FindFirstFileW
FindClose
lstrlenW
SetEvent
GetVersion
GetPrivateProfileStringW
GetFileAttributesW
SetFileAttributesW
WritePrivateProfileStringW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteFileW
RemoveDirectoryW
GetTickCount
GetTempPathW
CreateDirectoryW
GetLastError
WriteFile
GetFileSize
CloseHandle
ReadFile
CreateFileW
GetModuleFileNameW
GetPrivateProfileIntW
SetUnhandledExceptionFilter

user32

DestroyIcon
GetMenuStringW
DeleteMenu
InsertMenuW
LockWindowUpdate
GetDCEx
GetSysColorBrush
LoadCursorW
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
TranslateAcceleratorW
LoadAcceleratorsW
LoadStringW
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetMessageW
ValidateRect
GetCursorPos
WindowFromPoint
SetRectEmpty
GrayStringW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MapDialogRect
GetAsyncKeyState
CharUpperW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CharNextW
EnableMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetTopWindow
MessageBoxW
IsChild
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
GetWindowTextLengthW
GetDlgCtrlID
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
CopyAcceleratorTableW
GetNextDlgGroupItem
SetParent
RegisterClipboardFormatW
CheckMenuItem
IntersectRect
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
DrawIcon
GetDesktopWindow
PtInRect
GetMessagePos
ScreenToClient
GetCapture
ReleaseCapture
MapWindowPoints
OffsetRect
SetCapture
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
GetSystemMetrics
DrawFrameControl
DrawFocusRect
GetDC
ReleaseDC
GetWindow
GetClassNameW
LoadImageW
FrameRect
IsRectEmpty
IsWindow
GetWindowTextW
EnumWindows
PeekMessageW
SetMenu
GetKeyState
MessageBeep
TranslateMessage
DispatchMessageW
SetRect
GetCaretPos
keybd_event
UnregisterClassW
PostThreadMessageW
KillTimer
SetTimer
GetSysColor
CopyRect
InflateRect
UpdateWindow
PostMessageW
GetFocus
FillRect
GetClientRect
GetParent
DrawTextW
LoadBitmapW
GetWindowRect
EnableWindow
InvalidateRect
LoadIconW
SendMessageW

gdi32

GetCharWidthW
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
StretchDIBits
GetTextColor
GetBkColor
LPtoDP
GetTextExtentPointA
ExtTextOutA
CreateRectRgnIndirect
PatBlt
Escape
TextOutW
SelectClipRgn
RectVisible
PtVisible
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
CreateRectRgn
LineTo
MoveToEx
IntersectClipRect
CreateDIBitmap
GetObjectW
BitBlt
EnumFontFamiliesExW
CreateFontIndirectW
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
CreateFontW
CreateDIBSection
Rectangle
ExtTextOutW
CreatePen
GetTextMetricsW
CreateCompatibleBitmap
DeleteDC
GetTextExtentPoint32W
SetBkMode
SelectObject
SetTextColor
DeleteObject
CreateSolidBrush
CreateCompatibleDC
ExcludeClipRect

comdlg32

GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
RegQueryValueExW
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyW
RegSetValueW
RegEnumValueW

shell32

DragQueryFileW
DragFinish
SHGetFileInfoW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
ExtractIconW

comctl32

ImageList_Draw
ImageList_GetIconSize
ImageList_AddMasked
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_EndDrag
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ord17
ImageList_DragMove
ImageList_LoadImageW
ImageList_DrawEx

oledlg

OleUIBusyW

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
OleFlushClipboard
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoUninitialize
OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance
OleRun
OleIsCurrentClipboard
CoRegisterMessageFilter
CoRevokeClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes

olepro32

ord253

oleaut32

SysStringLen
VariantInit
VariantClear
SysAllocString
SysFreeString
VariantChangeType
VariantCopy
SysAllocStringLen
VariantTimeToSystemTime
GetErrorInfo

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 744KB - Virtual size: 741KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c23fe234b5f75580300109948e396d5

Headers

File Characteristics

Imports

version

bmaframe

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 448KB - Virtual size: 447KB

.rdata Size: 208KB - Virtual size: 207KB

.data Size: 36KB - Virtual size: 55KB

.rsrc Size: 744KB - Virtual size: 741KB

.text
Size: 448KB - Virtual size: 447KB

.rdata
Size: 208KB - Virtual size: 207KB

.data
Size: 36KB - Virtual size: 55KB

.rsrc
Size: 744KB - Virtual size: 741KB