2024-04-12_8d64c0654384d74b046b7e3067eddf80_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-12_8d64c0654384d74b046b7e3067eddf80_icedid
Size

448KB
MD5

8d64c0654384d74b046b7e3067eddf80
SHA1

10d3c5da5d5a934073e5891599bcb591eab66991
SHA256

bf41fec333bdcba3675de34631b2240e88b6c70a0b5464678d5f89793e2eb8c9
SHA512

3a19a793dca84f2cc3906479be38c58025afc421ad3cb2fcd0c4b7267ea8fd80724ad3593772c12881d077a36b4de9bf746f9042308b0c1e96743b32b6078cd3
SSDEEP

12288:HFBDSh9cQZ2ExstHDJ1PGnWNzL29M8cmS:MzZtstHrGnk+9B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2024-04-12_8d64c0654384d74b046b7e3067eddf80_icedid

Files

2024-04-12_8d64c0654384d74b046b7e3067eddf80_icedid
.exe windows:4 windows x86 arch:x86

b3532e148b24dbba9606684c50c4e1c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetSystemInfo
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
GetTickCount
SetErrorMode
LocalFileTimeToFileTime
GetShortPathNameA
CreateFileA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
SystemTimeToFileTime
GetOEMCP
GetCPInfo
InterlockedIncrement
RaiseException
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
lstrcpyA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GetModuleFileNameA
InterlockedDecrement
SetLastError
GlobalFree
MulDiv
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetProcAddress
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
GetModuleHandleA
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
GetCurrentDirectoryA
SetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetEnvironmentStringsW
InterlockedExchange

user32

DestroyIcon
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
GetMenuStringA
AppendMenuA
InsertMenuA
GetDC
ReleaseDC
IsZoomed
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextA
IsDialogMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenu
LockWindowUpdate
SetForegroundWindow
AdjustWindowRectEx
DeferWindowPos
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PtInRect
RegisterWindowMessageA
wsprintfA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
SetWindowLongA
SendMessageA
LoadBitmapA
GetSubMenu
LoadMenuA
ScreenToClient
SetTimer
KillTimer
SetCapture
OpenClipboard
LoadCursorA
EnableWindow
CloseClipboard
SetClipboardData
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconA
GetClassInfoA
PeekMessageA
GetCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemA
GetDCEx
WindowFromPoint
SetRect
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageA
ValidateRect
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
ShowWindow
GetWindowLongA
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EmptyClipboard
SetCursor
GetKeyState
GetCursorPos
ReleaseCapture
MessageBeep
GetClipboardData
SetCursorPos
DispatchMessageA
TranslateMessage
CharUpperA
CreateWindowExA
InSendMessage
UpdateWindow
IsDlgButtonChecked
CheckRadioButton
GetDlgItem
SendDlgItemMessageA
GetClientRect
TranslateAcceleratorA
IsWindowEnabled
GetWindow
GetDesktopWindow
IsWindow

gdi32

GetStockObject
CreateSolidBrush
CreateFontIndirectA
CreatePatternBrush
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SetRectRgn
GetObjectA
SelectClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
GetDeviceCaps
CreateFontA
GetCharWidthA
DeleteObject
StretchDIBits
DeleteDC
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgn

comdlg32

GetFileTitleA
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
SetFileSecurityA
RegCloseKey
GetFileSecurityA

shell32

ExtractIconA
DragAcceptFiles
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
DragQueryFileA
DragFinish

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy
ImageList_Create

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoTaskMemFree
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoTaskMemAlloc
OleInitialize

oleaut32

VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
VariantClear

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3532e148b24dbba9606684c50c4e1c8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 256KB - Virtual size: 252KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 108KB - Virtual size: 105KB

.text
Size: 256KB - Virtual size: 252KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 108KB - Virtual size: 105KB