2024-04-16_1c010a7983bbfd3b9362964c4e24331c_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-16_1c010a7983bbfd3b9362964c4e24331c_icedid
Size

2.9MB
MD5

1c010a7983bbfd3b9362964c4e24331c
SHA1

ee88d2488b3cf4d7bf38dff77b7dded779c79f92
SHA256

16b258f365c06c297ecebbd0483e10564f06b995d2c2c99de824016aa799833c
SHA512

ca49870a88d2301c0dd9a9529f241a19f180c6d8220fa13f4a9f61d1f7ceac44741b663d360892144ace8b9c682b6ddf0871f19c42991b9e17b608b9e4d4a648
SSDEEP

49152:0pJUwWFTPQlmTHkTtWkIKfaLf6k4Jm7uu:0pJ5WClmTuLVk4JmKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-16_1c010a7983bbfd3b9362964c4e24331c_icedid

Files

2024-04-16_1c010a7983bbfd3b9362964c4e24331c_icedid
.exe windows:5 windows x86 arch:x86

e8476072177c298c15903a99e1516868

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\cpuid\applications\cpu_z\cpu_z_cn_vc2008\Release\cpuz_x32.pdb

Imports

winmm

timeGetTime

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

wininet

HttpAddRequestHeadersA
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW

kernel32

WritePrivateProfileStringW
FlushFileBuffers
SetEndOfFile
SetErrorMode
GetSystemDirectoryW
GetStartupInfoW
HeapAlloc
RaiseException
RtlUnwind
HeapReAlloc
ExitProcess
GlobalFlags
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleOutputCP
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
lstrlenA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetCurrentThreadId
FreeResource
GlobalLock
GlobalUnlock
FormatMessageW
lstrcmpiA
GetSystemDirectoryA
GetModuleHandleA
FindResourceA
GetWindowsDirectoryA
RemoveDirectoryA
GetComputerNameA
GetCurrentDirectoryA
GetModuleFileNameA
CreateDirectoryA
GetLocalTime
DeleteFileA
SetCurrentDirectoryA
GetTempPathA
GetCurrentProcessId
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
GetCurrentThread
GetProcessAffinityMask
SetProcessAffinityMask
CancelIo
GetSystemInfo
GetDiskFreeSpaceA
CreateFileA
LocalAlloc
LocalFree
DeviceIoControl
ReadFile
CreateEventA
WriteConsoleA
SetFilePointer
GetVersionExA
LoadLibraryA
CreateMutexA
ReleaseMutex
GetProcessHeap
HeapFree
WriteFile
CreateFileW
SetThreadAffinityMask
ResetEvent
QueueUserAPC
WaitForSingleObjectEx
GlobalMemoryStatus
GetTempPathW
GetVersionExW
WinExec
lstrlenW
lstrcatW
lstrcpyW
WriteConsoleW
ExitThread
GetStdHandle
GetPriorityClass
MulDiv
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameW
CloseHandle
InterlockedDecrement
FreeLibrary
SetLastError
LoadLibraryW
GetLastError
GetProcAddress
GetModuleHandleW
GlobalSize
GlobalReAlloc
GlobalAlloc
GlobalFree
Sleep
ResumeThread
SetThreadPriority
SetPriorityClass
GetCurrentProcess
CreateEventW
WaitForSingleObject
SetEvent
CreateThread
SetCurrentDirectoryW
GetComputerNameW
GetCurrentDirectoryW
LockResource
SizeofResource
LoadResource
FindResourceW
HeapSize

user32

LoadCursorW
GetSysColorBrush
UnregisterClassW
DestroyMenu
PostQuitMessage
LoadIconW
SendDlgItemMessageA
WinHelpW
GetClassLongW
GetClassNameW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
SetScrollInfo
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDesktopWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
BeginPaint
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetLastActivePopup
SetPropW
GetCapture
GetActiveWindow
SetActiveWindow
SetWindowPos
ShowWindow
GetPropW
RemovePropW
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
wsprintfA
ModifyMenuW
WindowFromPoint
PostMessageW
ReleaseCapture
DrawEdge
FrameRect
DrawFrameControl
FillRect
CheckMenuItem
EnableMenuItem
AppendMenuW
ClientToScreen
CreatePopupMenu
CreateCursor
SetCursor
DestroyCursor
GetDlgCtrlID
UpdateWindow
SetRect
OffsetRect
DrawIcon
GetSystemMetrics
IsIconic
MessageBoxW
wsprintfW
InflateRect
DrawFocusRect
GetSysColor
IsRectEmpty
CopyRect
GetParent
PtInRect
DestroyIcon
SetWindowLongW
GetWindowLongW
LoadImageW
ReleaseDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClientRect
GetDC
GetWindowDC
KillTimer
SetTimer
InvalidateRect
EnableWindow
GetWindowRect
SetForegroundWindow
LoadBitmapW
SendMessageW
RegisterWindowMessageW
EndPaint

gdi32

DeleteObject
CreatePen
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
MoveToEx
LineTo
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
SelectObject
CreateSolidBrush
SetPixel
GetCurrentObject
CreateFontIndirectW
GetPixel
CreateBitmap
CreateFontW
GetTextExtentPoint32W
GetDIBits
RealizePalette
SelectPalette
GetObjectW
GetStockObject

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
RevertToSelf
RegOpenKeyExA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle
OpenProcessToken
RegQueryValueExA
RegCloseKey
RegQueryValueW
RegOpenKeyExW

shell32

ShellExecuteW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW

ole32

CoInitialize
CoInitializeSecurity
CoUninitialize
StringFromGUID2
CoInitializeEx
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance

oleaut32

SafeArrayGetVartype
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysStringLen
SafeArrayGetElement
SafeArrayGetElemsize

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 126KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e8476072177c298c15903a99e1516868

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

version

wininet

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 270KB - Virtual size: 270KB

.data Size: 126KB - Virtual size: 148KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 270KB - Virtual size: 270KB

.data
Size: 126KB - Virtual size: 148KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB