Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-08_9b2733edf796cddc4faeeffe75d9aa06_icedid.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: 2024-04-08_9b2733edf796cddc4faeeffe75d9aa06_icedid.exe
Resource: win10v2004-20240226-en
General
- Target: 2024-04-08_9b2733edf796cddc4faeeffe75d9aa06_icedid
- Size: 2.4MB
- MD5: 9b2733edf796cddc4faeeffe75d9aa06
- SHA1: 11bdbfa6c6e2503036a2edd6f6d01de0d65d57ef
- SHA256: d46c160c7336a91e5d73c6088f687e01c5c4c23617f5c3d4ebe592a43e6ca579
- SHA512: a31694d6f7598e12d1474e9979d9f9311725d4022db04354e4d8b834a33038e94ec0a3f97dd8650558a66140f150aab1defec43a4206b170027172f0753cb048
- SSDEEP: 49152:27ez+J0JuNEHiegqK2Csh4g4wwFTpSA1CqO:2Sze0Ju6/LmFp5LO
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-04-08_9b2733edf796cddc4faeeffe75d9aa06_icedid
Files
- 2024-04-08_9b2733edf796cddc4faeeffe75d9aa06_icedid.exe (windows:4 windows x86 arch:x86) 364cb1d4e0d5ce6a7eec6b046763b3e6
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
- kernel32: lstrlenA, CompareStringW, CompareStringA, ReleaseMutex, WaitForSingleObject, CreateMutexA, GetCurrentProcessId, HeapFree, HeapAlloc, GetProcessHeap, SetLastError, FindNextFileA, CloseHandle, GetFileInformationByHandle, CreateFileA, FindFirstFileA, lstrcatA, lstrcpyA, GetVersion, Beep, QueryPerformanceCounter, CreateEventA, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSection, DeleteCriticalSection, DeviceIoControl, GetOverlappedResult, LocalFree, LocalAlloc, QueryPerformanceFrequency, GetModuleHandleA, FormatMessageA, MulDiv, GlobalUnlock, GlobalLock, GlobalAlloc, GlobalFree, FreeResource, GetVersionExA, lstrcmpW, GlobalDeleteAtom, GlobalFindAtomA, GlobalAddAtomA, GlobalGetAtomNameA, GetCurrentThreadId, lstrcmpA, LoadLibraryExA, GetLocaleInfoA, EnumResourceLanguagesA, ConvertDefaultLocale, GetCurrentThread, GetModuleFileNameW, InterlockedDecrement, VirtualProtect, FileTimeToSystemTime, InterlockedIncrement, TlsGetValue, GlobalReAlloc, GlobalHandle, TlsAlloc, TlsSetValue, LocalReAlloc, TlsFree, GetThreadLocale, GlobalFlags, GetCPInfo, GetOEMCP, WritePrivateProfileStringA, GetCurrentDirectoryA, ReadFile, WriteFile, SetFilePointer, FlushFileBuffers, LockFile, UnlockFile, SetEndOfFile, GetFileSize, DuplicateHandle, GetCurrentProcess, FindClose, GetFullPathNameA, FindResourceExA, GetFileAttributesA, GetFileTime, SetErrorMode, FileTimeToLocalFileTime, RtlUnwind, RaiseException, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, ExitProcess, GetSystemTimeAsFileTime, GetTimeFormatA, GetDateFormatA, GetDriveTypeA, HeapReAlloc, VirtualAlloc, GetSystemInfo, VirtualQuery, GetCommandLineA, GetStartupInfoA, HeapSize, GetACP, IsValidCodePage, HeapDestroy, HeapCreate, VirtualFree, SetHandleCount, GetStdHandle, GetFileType, GetConsoleCP, GetConsoleMode, LCMapStringA, LCMapStringW, GetTimeZoneInformation, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, DebugBreak, GetStringTypeA, GetStringTypeW, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, SetStdHandle, GetLocaleInfoW, SetEnvironmentVariableA, GetLastError, MultiByteToWideChar, InterlockedExchange, CreateThread, GetModuleFileNameA, CreateProcessA, TerminateThread, GetTickCount, FreeLibrary, WideCharToMultiByte, FindResourceA, LoadResource, LockResource, SizeofResource, LoadLibraryA, GetProcAddress, GetVolumeInformationA, Sleep, CreateFileW
- user32: GetMessageTime, UnhookWindowsHookEx, IsWindowEnabled, EndDeferWindowPos, BeginDeferWindowPos, GetLastActivePopup, GetForegroundWindow, RemovePropA, GetPropA, SetPropA, GetClassNameA, GetClassLongA, CallNextHookEx, SetWindowsHookExA, GetCapture, IsChild, WinHelpA, RegisterWindowMessageA, CheckMenuItem, GetMenuCheckMarkDimensions, SetMenuItemBitmaps, PostQuitMessage, TranslateAcceleratorA, BringWindowToTop, SetRectEmpty, CreatePopupMenu, InsertMenuItemA, LoadAcceleratorsA, ReleaseCapture, SetCursor, GetWindowThreadProcessId, DestroyMenu, ReuseDDElParam, UnpackDDElParam, ValidateRect, GetCursorPos, GetMessageA, ShowOwnedPopups, MapDialogRect, SetWindowContextHelpId, RegisterClipboardFormatA, FillRect, TabbedTextOutA, DrawTextA, DrawTextExA, GrayStringA, ClientToScreen, GetDC, ReleaseDC, GetWindowDC, BeginPaint, EndPaint, InflateRect, GetMenuItemInfoA, IsZoomed, WindowFromPoint, GetAsyncKeyState, SetRect, DestroyCursor, LoadCursorA, GetMessagePos, SetCapture, SetParent, CharNextA, CopyAcceleratorTableA, InvalidateRgn, GetNextDlgGroupItem, MessageBeep, PostThreadMessageA, UnregisterClassA, FindWindowA, SetWindowRgn, CreateMenu, GetTabbedTextExtentA, GetDCEx, LockWindowUpdate, GetParent, GetNextDlgTabItem, EndDialog, GetMenuState, GetMenuStringA, GetMenuItemID, InsertMenuA, GetMenuItemCount, GetSubMenu, RemoveMenu, LoadBitmapA, EmptyClipboard, SetClipboardData, CloseClipboard, OpenClipboard, IsRectEmpty, RegisterDeviceNotificationA, UnregisterDeviceNotification, MapWindowPoints, ScrollWindow, TrackPopupMenu, GetKeyState, SetScrollRange, GetScrollRange, SetScrollPos, GetScrollPos, SetForegroundWindow, ShowScrollBar, IsWindowVisible, CreateWindowExA, GetClassInfoExA, GetClassInfoA, RegisterClassA, GetSysColor, AdjustWindowRectEx, ScreenToClient, EqualRect, DeferWindowPos, CopyRect, GetScrollInfo, SetScrollInfo, PtInRect, DefWindowProcA, CallWindowProcA, OffsetRect, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindowTextLengthA, GetWindowTextA, GetFocus, SetWindowPos, SetFocus, ShowWindow, MoveWindow, SetWindowLongA, GetDlgCtrlID, SetWindowTextA, IsDialogMessageA, SetDlgItemTextA, SendDlgItemMessageA, GetDlgItemTextA, MessageBoxA, UpdateWindow, SendMessageA, GetDlgItem, GetWindow, GetDesktopWindow, EnableWindow, GetActiveWindow, SetTimer, PostMessageA, DispatchMessageA, PeekMessageA, DrawIcon, AppendMenuA, EnableMenuItem, ModifyMenuA, LoadMenuA, GetMenu, SetMenu, GetSystemMenu, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, IsWindow, IsIconic, GetClientRect, InvalidateRect, GetWindowLongA, GetSysColorBrush, GetWindowRect, CharUpperA, TranslateMessage, GetSystemMetrics, LoadIconA, KillTimer, GetTopWindow
- shell32: DragFinish, DragQueryFileA, ShellExecuteA
- ole32: OleDestroyMenuDescriptor, OleCreateMenuDescriptor, IsAccelerator, OleTranslateAccelerator, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CoRevokeClassObject, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, OleInitialize, CoFreeUnusedLibraries, OleUninitialize, CLSIDFromString, CLSIDFromProgID, CoTaskMemAlloc, CoTaskMemFree, CoInitialize, CoUninitialize
- setupapi: SetupDiDestroyDeviceInfoList, SetupDiGetClassDevsA, SetupDiEnumDeviceInterfaces, SetupDiGetDeviceInterfaceDetailA
- winusb: WinUsb_Initialize, WinUsb_SetPipePolicy, WinUsb_WritePipe, WinUsb_ReadPipe, WinUsb_ResetPipe, WinUsb_Free
- comctl32: ord17
- shlwapi: PathFindFileNameA, PathIsUNCA, PathFindExtensionA, PathRemoveExtensionA, PathStripToRootA
- oledlg: ord8
- gdiplus: GdipDrawLine, GdipDrawEllipse, GdipTranslateWorldTransform, GdipSetSmoothingMode, GdipSetInterpolationMode, GdipSetTextRenderingHint, GdipCreatePathGradient, GdipSetStringFormatAlign, GdipSetPenDashArray, GdipCreateSolidFill, GdipGetImageEncoders, GdipGetImageEncodersSize, GdipDeleteFont, GdipDeleteFontFamily, GdipCreateFontFamilyFromName, GdipSetPathGradientSurroundColorsWithCount, GdipGetPathGradientPointCount, GdipSetPathGradientCenterColor, GdipDeleteStringFormat, GdipDrawLines, GdipDeletePen, GdipCreatePen1, GdipDeleteBrush, GdipDrawClosedCurve2, GdipFillRectangle, GdipFillEllipse, GdipFillClosedCurve2, GdipDrawString, GdipSaveGraphics, GdipRestoreGraphics, GdipBeginContainer2, GdipEndContainer, GdipGetHemfFromMetafile, GdipAlloc, GdipFree, GdiplusStartup, GdiplusShutdown, GdipSetClipRect, GdipResetClip, GdipCreateStringFormat, GdipDrawRectangle, GdipCreateFont, GdipRotateWorldTransform, GdipCloneBrush, GdipCloneImage, GdipDrawImageI, GdipGetImageGraphicsContext, GdipCreateFromHDC, GdipRecordMetafileI, GdipCreateMetafileFromFile, GdipCreateBitmapFromScan0, GdipDeleteGraphics, GdipDisposeImage, GdipSaveImageToFile, GdipGetImageBounds
- ws2_32: select, __WSAFDIsSet, WSAStartup, send, WSAGetLastError, recvfrom, gethostbyname, inet_addr, setsockopt, WSASocketA, sendto, inet_ntoa, recv, connect, ioctlsocket, htons, socket, closesocket, shutdown, WSACleanup
- iphlpapi: GetIpNetTable, GetIpAddrTable
- oleacc: LresultFromObject, CreateStdAccessibleObject
- winmm: PlaySoundA
- gdi32: SetMapMode, ExcludeClipRect, IntersectClipRect, LineTo, MoveToEx, SetTextAlign, SetStretchBltMode, SetROP2, SetPolyFillMode, SetBkMode, RestoreDC, SaveDC, CreateCompatibleDC, CreateCompatibleBitmap, CreateBitmap, GetObjectA, SetBkColor, SetTextColor, GetClipBox, GetWindowOrgEx, GetTextFaceA, GetTextAlign, GetStretchBltMode, GetROP2, GetPolyFillMode, GetBkMode, GetNearestColor, Ellipse, LPtoDP, CreateEllipticRgn, EnumFontFamiliesExA, GetRgnBox, GetTextColor, GetBkColor, GetMapMode, CombineRgn, SetRectRgn, Rectangle, GetViewportOrgEx, EndDoc, AbortDoc, SetAbortProc, EndPage, StartPage, DPtoLP, PatBlt, CreateRectRgnIndirect, StretchDIBits, CreateFontA, GetCharWidthA, GetTextMetricsA, GetTextExtentPoint32A, CreateDCA, GetDeviceCaps, CreateFontIndirectA, CreateSolidBrush, CreatePen, GetStockObject, CreatePatternBrush, DeleteDC, ExtSelectClipRgn, GetCurrentPositionEx, ScaleWindowExtEx, SetWindowExtEx, SetWindowOrgEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, ExtTextOutA, TextOutA, RectVisible, PtVisible, StartDocA, GetPixel, BitBlt, GetWindowExtEx, GetViewportExtEx, CreateRectRgn, SelectClipRgn, DeleteObject
- winspool.drv: ClosePrinter, DocumentPropertiesA, OpenPrinterA, GetJobA
- comdlg32: GetFileTitleA
- advapi32: RegOpenKeyA, RegCloseKey, RegQueryValueExA, RegOpenKeyExA, RegDeleteKeyA, RegEnumKeyA, RegQueryValueA, RegCreateKeyExA, RegSetValueExA
- oleaut32: SysAllocString, OleCreateFontIndirect, VariantTimeToSystemTime, SysStringLen, SysFreeString, SysAllocStringByteLen, VariantClear, VariantChangeType, VariantInit, SysAllocStringLen, SystemTimeToVariantTime, VariantCopy, SafeArrayDestroy
Sections
- .text: Size: 968KB - Virtual size: 967KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size: 612KB - Virtual size: 609KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size: 416KB - Virtual size: 31.7MB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size: 440KB - Virtual size: 436KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ