2024-04-16_4bb2ef5ee33b510070796323fd41359e_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-16_4bb2ef5ee33b510070796323fd41359e_icedid
Size

560KB
MD5

4bb2ef5ee33b510070796323fd41359e
SHA1

9cbf505eb2f9d6d6a2235e47f4c0e43d4fd70b47
SHA256

874ba18a8e08ce0057c6bd9a74aa410cfb50cdc7613a013205e204b643cbf99b
SHA512

7cd60205bb5259ef3c2cc37eb356de050cf2ed0928d3b9b25a6d7d5ed487d7cab70b122d688e7f9765e570790b62bc6748012e58fac51b5bffe4d8ab0999f094
SSDEEP

6144:xWHngFKUVWiVKaLVRAS2zyGxx4acFmGAw3s4Aew19d041ogntfQY2mAGlRzf98rm:A/UnBl2zyGxx4acFS91ogntYIt9m67Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-16_4bb2ef5ee33b510070796323fd41359e_icedid

Files

2024-04-16_4bb2ef5ee33b510070796323fd41359e_icedid
.exe windows:4 windows x86 arch:x86

e8b62e878663841b8cf3986cf8d91d6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetConsoleCtrlHandler
SetEnvironmentVariableA
GetEnvironmentStringsW
GetSystemDirectoryA
GetWindowsDirectoryA
GetComputerNameA
GetProfileStringA
AreFileApisANSI
Sleep
GetProfileIntA
GetCommandLineW
CompareFileTime
MoveFileExA
FindNextFileA
_lclose
OpenFile
DeviceIoControl
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetTimeZoneInformation
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
TerminateProcess
HeapReAlloc
HeapAlloc
HeapFree
ExitProcess
GetCommandLineA
GetStartupInfoA
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
RtlUnwind
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
GetFileAttributesA
SetFileAttributesA
SetFileTime
FileTimeToLocalFileTime
SetErrorMode
GetFullPathNameA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
SetFilePointer
ReadFile
MoveFileA
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
SystemTimeToFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
CompareStringW
CompareStringA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
SetCurrentDirectoryA
lstrcpyA
InterlockedDecrement
GetCurrentThreadId
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
GetVersion
lstrcpynA
lstrlenA
GlobalGetAtomNameA
GlobalAddAtomA
MultiByteToWideChar
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CreateFileA
RemoveDirectoryA
LoadLibraryA
FreeLibrary
CreateDirectoryA
GetCurrentThread
GetLastError
GetCurrentProcess
WriteFile
FlushFileBuffers
CloseHandle
GetTempPathA
DeleteFileA
CopyFileA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetWindowTextLengthA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
AdjustWindowRectEx
DeferWindowPos
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
PtInRect
GetMenuState
GetClassLongA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
SetDlgItemTextA
FillRect
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetFocus
EqualRect
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
SetMenu
ShowWindow
GetWindow
TranslateAcceleratorA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
CharUpperBuffA
LoadStringA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
IsWindow
LoadBitmapA
LoadIconA
ExitWindowsEx
LoadCursorA
SetCursor
IsDialogMessageA
SetWindowTextA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
PostQuitMessage
ShowOwnedPopups
ValidateRect
GetCursorPos
TranslateMessage
GetMessageA
GetSysColorBrush
InflateRect
GetMenuItemInfoA
TabbedTextOutA
GetDialogBaseUnits
AdjustWindowRect
MapDialogRect
EnableWindow
RegisterWindowMessageA
GetParent
UpdateWindow
GetClientRect
PostMessageA
SendMessageA
DrawIcon
GetCursor
wsprintfA
MessageBoxA
GetWindowTextA

gdi32

ScaleWindowExtEx
DeleteDC
CreatePatternBrush
CreateBitmap
GetStockObject
PtVisible
GetTextExtentPoint32A
SetWindowExtEx
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateCompatibleBitmap
CreateFontIndirectA
StretchBlt
DPtoLP
GetMapMode
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
GetDeviceCaps
CreateCompatibleDC
CreateSolidBrush
GetObjectA
CreateICA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

CloseServiceHandle
LookupPrivilegeNameA
OpenSCManagerA
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegConnectRegistryA
RegFlushKey
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
OpenServiceA
QueryServiceConfigA
QueryServiceStatus
CreateServiceA
DeleteService
ControlService
StartServiceA
AdjustTokenPrivileges
LookupPrivilegeValueA
DeregisterEventSource

shell32

DragQueryFileA
DragFinish
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA

comctl32

ImageList_Destroy
ord17
ImageList_GetImageInfo
ImageList_Draw

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit
VariantChangeType
VariantClear

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

lz32

LZCopy
LZClose
LZOpenFileA

Sections

.text
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e8b62e878663841b8cf3986cf8d91d6f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

version

lz32

Sections

.text Size: 260KB - Virtual size: 256KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 220KB - Virtual size: 220KB

.text
Size: 260KB - Virtual size: 256KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 220KB - Virtual size: 220KB