Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-09_f581c8e3608f275b697fbb0786100c52_icedid.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 2024-04-09_f581c8e3608f275b697fbb0786100c52_icedid.exe
  Resource: win10v2004-20240226-en
General
  Target: 2024-04-09_f581c8e3608f275b697fbb0786100c52_icedid
  Size: 1.6MB
  MD5: f581c8e3608f275b697fbb0786100c52
  SHA1: 0a02829dac2bb333ff91c8949296f2964f5b598f
  SHA256: 9af9cc2586adfd5dbd656ce80fd387902907a900d4a1b7a3e9eb7ed41e796997
  SHA512: 711b457d22064446d67bcbe4e02663990dff1feb948a4a990e57bcf4731560a384dbe0bc922495783ec10c812164de0cdab06abc81207e1758dc468cae16abf4
  SSDEEP: 24576:g+9EM8GtETik+yduz0H2b67+vVffkXDUGJohhtHChpTo:gKKuzg+t0XDrJohahpT
Malware Config
  (none extracted)
Signatures
  Unsigned PE (1 IoC): checks for missing Authenticode signature.
    resource: 2024-04-09_f581c8e3608f275b697fbb0786100c52_icedid
Files
  2024-04-09_f581c8e3608f275b697fbb0786100c52_icedid.exe  windows:4  windows x86  arch:x86
  Import hash: 04ff1e8fe14f9f896b742e5a707badef
Headers
  File Characteristics:
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_LOCAL_SYMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
Imports (by module)
kernel32
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
GetLocalTime
HeapReAlloc
SetEnvironmentVariableA
ExitProcess
ExitThread
SetStdHandle
GetFileType
TerminateProcess
TlsGetValue
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetCurrentProcessId
IsBadReadPtr
IsBadCodePtr
GlobalHandle
GlobalReAlloc
GlobalFlags
GetTempFileNameA
GetTickCount
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedIncrement
GetFileTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DeleteFileA
MoveFileA
GetCurrentDirectoryA
lstrcpyA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcmpA
RaiseException
FreeResource
GetPrivateProfileIntA
InterlockedDecrement
SetLastError
GlobalFree
MulDiv
lstrcpynA
SuspendThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetFileAttributesA
LocalAlloc
LocalLock
GetModuleHandleA
LocalUnlock
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
ReadFile
WriteFile
GetOverlappedResult
SetupComm
SetCommTimeouts
EscapeCommFunction
GetCommMask
WaitCommEvent
SetCommMask
SetCommState
GetCommState
TransmitCommChar
ClearCommError
PurgeComm
QueryPerformanceFrequency
FormatMessageA
LocalFree
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
GetProcAddress
GlobalAlloc
GetModuleFileNameA
GetCurrentProcess
SetPriorityClass
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalUnlock
WinExec
CreateThread
CreateFileA
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateEventA
ResetEvent
Beep
WaitForSingleObject
CloseHandle
GetCurrentThread
SetThreadPriority
Sleep
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEvent
ResumeThread
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
InterlockedExchange
user32
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
GetWindowPlacement
ReleaseDC
GetDC
CopyRect
UnregisterClassA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
wsprintfA
IsWindowEnabled
UnhookWindowsHookEx
GetMenuStringA
RemoveMenu
SetWindowsHookExA
CallNextHookEx
GetMessageA
IsWindowVisible
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetActiveWindow
GetLastActivePopup
SystemParametersInfoA
GetSystemMetrics
DrawTextA
WindowFromPoint
SetWindowLongA
GetDlgItem
IsWindow
GetClassNameA
CheckDlgButton
SetFocus
SetWindowPos
SetForegroundWindow
MoveWindow
SetWindowTextA
EndDialog
WinHelpA
GetWindowTextA
RedrawWindow
GetDialogBaseUnits
LoadStringA
DestroyIcon
BeginPaint
DrawIcon
EndPaint
MessageBoxA
GetMessagePos
InsertMenuA
EmptyClipboard
SetClipboardData
GetCursorPos
ScreenToClient
IsZoomed
GetWindowLongA
GetSysColor
GetFocus
DrawFocusRect
FillRect
PtInRect
GetClipboardData
CloseClipboard
PostMessageA
SendMessageA
GetKeyState
GetTabbedTextExtentA
IsClipboardFormatAvailable
SetWindowRgn
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
SetParent
IsRectEmpty
LoadCursorA
MessageBeep
OpenClipboard
GetParent
TranslateMessage
DispatchMessageA
FindWindowA
BringWindowToTop
AppendMenuA
CreatePopupMenu
KillTimer
SetTimer
GetMenu
ModifyMenuA
GetMenuItemID
GetMenuItemCount
CheckMenuItem
LoadBitmapA
CreateMenu
PostThreadMessageA
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
GetWindow
InvalidateRect
UpdateWindow
GetClientRect
LoadMenuA
GetSubMenu
EnableMenuItem
GetWindowRect
IsIconic
SetRect
LoadIconA
EnableWindow
CharUpperA
CharNextA
LockWindowUpdate
GetDCEx
GetSystemMenu
GetSysColorBrush
DestroyCursor
SetCursorPos
SetCapture
UnpackDDElParam
ReuseDDElParam
SetCursor
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
SetRectEmpty
SetMenu
TranslateAcceleratorA
DeleteMenu
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
DestroyMenu
GetMenuItemInfoA
InflateRect
ShowWindow
IsDialogMessageA
SetDlgItemTextA
DialogBoxIndirectParamA
RegisterWindowMessageA
gdi32
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
CreatePen
CreateCompatibleBitmap
StretchDIBits
GetCharWidthA
CreateFontA
GetTextMetricsA
GetViewportOrgEx
DPtoLP
Rectangle
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateEllipticRgn
LPtoDP
Ellipse
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
ExtTextOutA
BitBlt
CreateCompatibleDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
GetDeviceCaps
CreateBitmap
CreateDCA
SelectObject
DeleteDC
DeleteObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateSolidBrush
PatBlt
comdlg32
ChooseFontA
CommDlgExtendedError
FindTextA
ReplaceTextA
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
advapi32
RegCreateKeyA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegEnumValueA
RegSetValueA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
shell32
ExtractIconA
ShellExecuteExA
SHGetFileInfoA
DragFinish
DragQueryFileA
DragAcceptFiles
comctl32
ord8
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ord17
ImageList_DrawIndirect
ImageList_Draw
shlwapi
PathRemoveExtensionA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
CLSIDFromString
CoCreateInstance
OleRun
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
SysAllocStringLen
VarDateFromStr
SafeArrayPutElement
SafeArrayGetElement
SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantInit
SysAllocString
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
LoadTypeLi
VariantClear
Sections
  .text   Size: 1.1MB  Virtual size: 1.1MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 332KB  Virtual size: 329KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 16KB   Virtual size: 35KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc   Size: 76KB   Virtual size: 72KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ