2024-04-16_ebab7d8d041322666281d8b8211891d0_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-16_ebab7d8d041322666281d8b8211891d0_icedid
Size

340KB
MD5

ebab7d8d041322666281d8b8211891d0
SHA1

b01fc319d69811f7dcedcdf713d55f5b98841356
SHA256

04e219ecd597bef2c98ae06c3f59cc2a7526558ccba164f5ed68261dc6c242d3
SHA512

74ca64c6adafc9334f5c96aebb7afff5b0ba0be9e55f86d3f3bf90b8be5814a0e69765d3141f22b6874086b5f02a2fb2a0d02751c343fb0015ec4f87ff8a0529
SSDEEP

6144:AJQBIMW8p8Rnp+RQ2xkNM3mLhRmZ75uxTCQnWj:kRnp+1xkNSmFRmFctnW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-16_ebab7d8d041322666281d8b8211891d0_icedid

Files

2024-04-16_ebab7d8d041322666281d8b8211891d0_icedid
.exe windows:5 windows x86 arch:x86

83262675033294302345d73012506b10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
SetErrorMode
GetStartupInfoW
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
HeapReAlloc
RaiseException
SetStdHandle
GetFileType
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetModuleHandleA
GlobalFindAtomW
CompareStringW
GetVersionExA
InterlockedDecrement
MulDiv
GlobalUnlock
FreeResource
GetCurrentProcessId
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GlobalLock
LoadLibraryA
GetLocalTime
WritePrivateProfileSectionW
GetModuleFileNameW
IsDBCSLeadByteEx
FormatMessageW
FindResourceExW
VerSetConditionMask
VerifyVersionInfoW
WriteFile
SetFilePointer
CloseHandle
GetCurrentProcess
GetModuleHandleW
GetPrivateProfileSectionW
MoveFileExW
GetVersionExW
SetFileAttributesW
GetTickCount
Sleep
DeleteFileW
GetUserDefaultUILanguage
WriteProfileStringW
GetPrivateProfileStringW
GetWindowsDirectoryW
WritePrivateProfileStringW
lstrcatW
LocalAlloc
LocalFree
lstrcpynW
GlobalAlloc
GlobalFree
GetProfileStringW
GetSystemDirectoryW
SetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
lstrlenW
GetLastError
lstrcmpiW
FindFirstFileW
FindClose
MultiByteToWideChar
lstrlenA
lstrcpyW
lstrcmpW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
SetHandleCount

user32

UnregisterClassW
GetSysColorBrush
LoadCursorW
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
UnhookWindowsHookEx
SetWindowPos
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
GetWindow
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
PeekMessageW
SendMessageTimeoutW
wsprintfW
GetActiveWindow
MessageBoxW
LoadBitmapW
OffsetRect
ScreenToClient
GetClientRect
LoadIconW
GetSystemMenu
CreatePopupMenu
AppendMenuW
TrackPopupMenu
DestroyMenu
SendMessageW
EnableWindow
GetWindowRect
PtInRect
FindWindowW
SetForegroundWindow
GetWindowTextW

gdi32

DPtoLP
PtVisible
SetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
GetObjectW
GetStockObject
SetBkMode
RestoreDC
SaveDC
ExtTextOutW
CreateFontIndirectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
SelectObject
DeleteDC
DeleteObject
RectVisible

winspool.drv

DeleteMonitorW
DeletePrinter
EnumPrinterDriversW
EnumPrintersW
ClosePrinter
GetPrinterW
OpenPrinterW
DocumentPropertiesW
DeletePrinterDriverW
DeletePrinterConnectionW
GetPrinterDriverDirectoryW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
OpenSCManagerW
StartServiceW
ControlService
QueryServiceStatus
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
OpenServiceW
EnumDependentServicesW
CloseServiceHandle
RegOpenKeyExW
RegEnumValueW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantInit
VariantChangeType
VariantClear

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83262675033294302345d73012506b10

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

version

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 11KB - Virtual size: 40KB

.rsrc Size: 81KB - Virtual size: 84KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 11KB - Virtual size: 40KB

.rsrc
Size: 81KB - Virtual size: 84KB