Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-09_a60a5c9b388822d7943438a6af3f93f1_icedid.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-04-09_a60a5c9b388822d7943438a6af3f93f1_icedid.exe
Resource: win10v2004-20240226-en
General
- Target: 2024-04-09_a60a5c9b388822d7943438a6af3f93f1_icedid
- Size: 1.0MB
- MD5: a60a5c9b388822d7943438a6af3f93f1
- SHA1: b52c15d3edfa0099d298984cf5dbef92e4239df3
- SHA256: da5d795306cfcd75157f885b30cf6d17d5d5b6eb17b17c308b6940f346817245
- SHA512: f5c0d035b6f518a69b5ccbfed3a5d62fc927602519874d51b90be318d208e8e8855a4ccfee53014fb6ccb82d021207232d22d78313570a345e60fbdadabafb69
- SSDEEP: 24576:sSfbA/WU4gg9uEfWs+ncupWP9MMMMQMgONoqL:sCE8+ncups9MMMMQMgONzL
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-04-09_a60a5c9b388822d7943438a6af3f93f1_icedid
Files
- 2024-04-09_a60a5c9b388822d7943438a6af3f93f1_icedid.exe windows:4 windows x86 arch:x86
  4c8d4caa8d4258df119bcafd5ba5918e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
yyxf_play
yyxf_D7
yyxf_A7
yyxf_C8
yyxf_B1
yyxf_G2
yyxf_E8
yyxf_F4
yyxf_F3
yyxf_F6
yyxf_G5
yyxf_F7
yyxf_C5
yyxf_D4
yyxf_B4
yyxf_B8
yyxf_C9
yyxf_B2
yyxf_A1
yyxf_F1
yyxf_D6
yyxf_C6
yyxf_E4
yyxf_E6
yyxf_E3
yyxf_A9
yyxf_D5
yyxf_E1
yyxf_G6
yyxf_E9
yyxf_E5
yyxf_G3
yyxf_A2
yyxf_G4
yyxf_E2
yyxf_C2
yyxf_A5
yyxf_D8
yyxf_A3
yyxf_B5
yyxf_D9
yyxf_D3
yyxf_B3
yyxf_B9
yyxf_E7
yyxf_C1
yyxf_A8
yyxf_C3
yyxf_C4
yyxf_A4
yyxf_F8
yyxf_A6
yyxf_B6
yyxf_G1
yyxf_B7
yyxf_F9
winmm
waveOutSetVolume
psapi
GetModuleFileNameExW
kernel32
GetFullPathNameW
GetShortPathNameW
WaitForSingleObject
EnumResourceLanguagesW
ConvertDefaultLocale
lstrcmpiA
GetCurrentThread
InterlockedIncrement
ReleaseMutex
GlobalGetAtomNameW
FileTimeToLocalFileTime
GetFileTime
GlobalFlags
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GetCurrentDirectoryW
GetStartupInfoW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
DuplicateHandle
TerminateProcess
SetStdHandle
GetFileType
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoA
FindResourceW
FreeLibrary
LoadResource
LoadLibraryW
SizeofResource
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
lstrcatW
lstrcmpW
GetVersionExA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrlenA
lstrcmpA
GlobalFree
InterlockedDecrement
MulDiv
GetModuleHandleA
SetLastError
GetVolumeInformationW
GetDriveTypeW
GlobalAlloc
GetSystemDirectoryW
DeleteFileW
RemoveDirectoryW
SetSystemPowerState
CreateDirectoryW
GetVersionExW
GetACP
GetCurrentProcess
GetVersion
lstrcpyW
SetCurrentDirectoryW
lstrlenW
GetFileAttributesW
lstrcpynW
GetLocaleInfoW
CreateFileW
ReadFile
GetFileSize
LocalFree
CloseHandle
lstrcmpiW
EnterCriticalSection
GetLastError
FileTimeToSystemTime
LeaveCriticalSection
InterlockedExchange
FormatMessageW
GlobalMemoryStatus
CreateMutexW
GlobalUnlock
GlobalLock
GetTickCount
FindNextFileW
FindClose
GetStringTypeExW
WideCharToMultiByte
GetModuleHandleW
FindFirstFileW
DeleteCriticalSection
RaiseException
MultiByteToWideChar
GetModuleFileNameW
InitializeCriticalSection
GetCurrentThreadId
FreeResource
LockResource
GetProcAddress
GetThreadLocale
user32
GetClassLongW
GetClassInfoExW
CreateWindowExW
GetCapture
WinHelpW
IsWindowEnabled
ValidateRect
GetActiveWindow
TranslateMessage
GetMessageW
CheckDlgButton
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
TranslateAcceleratorW
GetMenuCheckMarkDimensions
CheckMenuItem
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetDesktopWindow
PostQuitMessage
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
GetDialogBaseUnits
GetSysColorBrush
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
GetDCEx
LockWindowUpdate
SetParent
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxW
TrackPopupMenu
GetKeyState
GetMenu
DeferWindowPos
GetClassInfoW
RegisterClassW
SetWindowPlacement
DefWindowProcW
SystemParametersInfoA
GetWindowPlacement
GetMenuState
GetMenuStringW
InsertMenuW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
EmptyClipboard
SendDlgItemMessageW
DestroyIcon
RegisterWindowMessageW
DeleteMenu
ExitWindowsEx
ShowCursor
ChildWindowFromPoint
LoadIconW
SetClassLongW
PeekMessageW
EnableMenuItem
SetMenu
SetCursor
LoadCursorW
DrawEdge
ClientToScreen
RedrawWindow
IsRectEmpty
CharNextW
IntersectRect
ShowScrollBar
ClipCursor
GetDlgCtrlID
IsMenu
WindowFromPoint
RemoveMenu
SetTimer
ScreenToClient
SetCapture
KillTimer
GetFocus
InflateRect
TrackPopupMenuEx
InvalidateRect
EqualRect
ReleaseCapture
SetForegroundWindow
FindWindowW
CreateIconIndirect
GetIconInfo
BringWindowToTop
IsWindow
CloseClipboard
GetParent
GetClipboardData
OpenClipboard
EnableWindow
SetWindowRgn
GetSystemMenu
IsIconic
PostMessageW
IsZoomed
DrawIconEx
GetAsyncKeyState
SetRect
SystemParametersInfoW
CharUpperW
SetWindowPos
GetSystemMetrics
GetMonitorInfoW
LoadImageW
CreateMenu
CharLowerW
LoadMenuW
DestroyMenu
GetWindow
UnregisterClassW
SetRectEmpty
RemovePropW
GetWindowRect
GetMenuItemID
GetSubMenu
CallNextHookEx
GetClientRect
GetMenuItemInfoW
ModifyMenuW
PtInRect
SetPropW
GetDC
GetForegroundWindow
OffsetRect
GetWindowLongW
AppendMenuW
GetClassNameW
ReleaseDC
SetWindowLongW
GetCursorPos
CreatePopupMenu
WindowFromDC
GetMenuItemCount
SetWindowsHookExW
AdjustWindowRectEx
UnhookWindowsHookEx
IsWindowVisible
SendMessageW
SetMenuItemInfoW
GetPropW
CallWindowProcW
CopyRect
GetSysColor
LoadBitmapW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
SetClipboardData
GetLastActivePopup
UpdateWindow
wsprintfW
gdi32
SelectClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SetRectRgn
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
SetBkMode
SetBkColor
RestoreDC
SaveDC
PatBlt
GetTextMetricsW
GetDeviceCaps
CreatePen
RoundRect
CreateEllipticRgn
DeleteDC
CreateBitmap
SelectObject
CreateFontIndirectW
StretchBlt
GetDIBits
CreateRectRgnIndirect
CombineRgn
ExtTextOutW
SetDIBits
CreateRoundRectRgn
CreateEllipticRgnIndirect
RemoveFontResourceW
DeleteObject
AddFontResourceW
CreateSolidBrush
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontW
ScaleViewportExtEx
GetObjectW
msimg32
TransparentBlt
comdlg32
ChooseColorW
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegQueryValueW
RegOpenKeyW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyW
RegDeleteValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
shell32
ord680
SHChangeNotify
Shell_NotifyIconW
SHGetPathFromIDListW
DragFinish
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
ShellExecuteExW
DragQueryFileW
ExtractIconExW
comctl32
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
ImageList_DrawEx
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_BeginDrag
ImageList_DragMove
ImageList_EndDrag
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
ord17
ImageList_GetImageInfo
shlwapi
PathRemoveExtensionW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
OleUninitialize
ReleaseStgMedium
RevokeDragDrop
CoCreateInstance
CoFreeUnusedLibraries
RegisterDragDrop
CoFreeUnusedLibrariesEx
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CLSIDFromProgID
CLSIDFromString
oleaut32
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringLen
SysFreeString
SysStringLen
VariantClear
VariantChangeType
VariantInit
RegisterTypeLi
LoadTypeLi
OleCreateFontIndirect
VariantCopy
Sections
.text Size: 496KB - Virtual size: 495KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 400KB - Virtual size: 396KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ