2024-04-15_e64149bc845d1460578b4d84d2b0a220_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-15_e64149bc845d1460578b4d84d2b0a220_icedid
Size

1.5MB
MD5

e64149bc845d1460578b4d84d2b0a220
SHA1

018bb23ac2586e3f1014cfec758ee23657e254bd
SHA256

a57d1570722503b63c3f9af05ae3536d43738ef438cc8db9cb4bd123aa20372f
SHA512

b08fc031aecaa6b2f3ee7f50f75ed968323133bae5d757db294de5372ebd487e111dc27ba02f19ff22171e7a240f419b36089ac74963b28695b099eb9dd181dd
SSDEEP

24576:xjCGTzCnzsqjnhMgeiCl7G0nehbGZpbD:PTO3Dmg27RnWGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-15_e64149bc845d1460578b4d84d2b0a220_icedid

Files

2024-04-15_e64149bc845d1460578b4d84d2b0a220_icedid
.exe windows:4 windows x86 arch:x86

df26e6677877d9a3ceeb18affb38da60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

InterlockedDecrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
ReadFile
SetFilePointer
SetEndOfFile
GetThreadLocale
SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetModuleFileNameW
HeapReAlloc
VirtualAlloc
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
HeapSize
SetStdHandle
GetFileType
GetACP
LCMapStringA
LCMapStringW
GetStdHandle
VirtualFree
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GlobalFlags
LocalAlloc
GlobalUnlock
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalLock
OpenMutexA
CreateMutexA
GetUserDefaultLangID
GetFileTime
CompareFileTime
WritePrivateProfileStringA
Sleep
MoveFileA
FormatMessageA
LocalFree
GetStartupInfoA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
lstrcmpA
SetLastError
FlushFileBuffers
DeleteFileA
GlobalAlloc
GlobalFree
GetVersionExA
HeapFree
GetProcessHeap
HeapAlloc
GetDriveTypeA
GetSystemDirectoryA
GetShortPathNameA
GetTempPathA
GetLocaleInfoA
GetSystemDefaultLangID
InitializeCriticalSection
GetFileSize
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
WriteFile
OutputDebugStringA
CreateFileA
GetEnvironmentVariableA
CompareStringW
CompareStringA
GetVersion
WideCharToMultiByte
InterlockedExchange
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
CloseHandle
GetPrivateProfileStringA
GetCurrentDirectoryA
lstrlenA
GetProcAddress
GetCurrentProcess
FreeLibrary
LoadLibraryA
GetCurrentThreadId
GetTickCount
GetModuleHandleA
GetModuleFileNameA
GetFullPathNameA
GetFileAttributesA
MultiByteToWideChar
GetLastError
GlobalAddAtomA
GlobalDeleteAtom
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
ExitProcess

user32

UnregisterClassA
DestroyMenu
LoadCursorA
GetSysColorBrush
ShowWindow
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
UnhookWindowsHookEx
GetWindow
GetDlgCtrlID
GetClassNameA
PtInRect
GetWindowTextA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSysColor
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SetWindowTextA
GetSystemMetrics
MessageBoxA
WaitForInputIdle
MsgWaitForMultipleObjects
PostQuitMessage
GetWindowThreadProcessId
IsWindow
GetClassInfoExA
GetWindowLongA
GetDC
SetWindowLongA
ReleaseDC
PeekMessageA
TranslateMessage
DispatchMessageA
SendMessageA
RegisterWindowMessageA
PostMessageA
GetWindowRect

gdi32

DeleteDC
GetStockObject
DeleteObject
GetClipBox
SetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegEnumKeyA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantInit
VariantChangeType

Sections

.text
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df26e6677877d9a3ceeb18affb38da60

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Sections

.text Size: 232KB - Virtual size: 228KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 89KB

.rsrc Size: 1.2MB - Virtual size: 1.8MB

.text
Size: 232KB - Virtual size: 228KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 89KB

.rsrc
Size: 1.2MB - Virtual size: 1.8MB