Static task: static1

Behavioral task: behavioral1
Sample: 2024-04-17_3260b10ca04e2d926a337cb6a965d506_icedid.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 2024-04-17_3260b10ca04e2d926a337cb6a965d506_icedid.exe
Resource: win10v2004-20240412-en
General
Target: 2024-04-17_3260b10ca04e2d926a337cb6a965d506_icedid
Size: 2.9MB
MD5: 3260b10ca04e2d926a337cb6a965d506
SHA1: d9a7f444ea16a6fd76cc209c1c9b98330fcb0ea0
SHA256: 30d0c96d76f8c4e7495b55f146503d536abdb5407e56d6ed3fc37c5e0cd6bf36
SHA512: 5f251f761d8faabaf8ab2b38261e9b564eb20b71faccd1e8125fa76b8228ee9d17d0bdc35d6db32d9ea078b4852bb431abbc589d955edbc7debdb304bb0cd534
SSDEEP: 49152:dKryhoyFHSHPY7gm/BSThUIKvEEig+1TRSNNLiLHVKx:dKr6oyFHyPY77/0KvEVpNbVQ
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
Resource: 2024-04-17_3260b10ca04e2d926a337cb6a965d506_icedid
Files
2024-04-17_3260b10ca04e2d926a337cb6a965d506_icedid.exe windows:4 windows x86 arch:x86
507abea21d856c4fcff5723d70d249c2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetErrorMode
GetStartupInfoW
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
SetCurrentDirectoryW
HeapReAlloc
ExitThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetCPInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
GetCurrentDirectoryA
GetOEMCP
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CreateFileA
GetDriveTypeA
SetEnvironmentVariableA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
InterlockedIncrement
LocalFileTimeToFileTime
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
lstrcmpiW
lstrcmpA
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcatW
lstrcmpW
GetVersionExA
GetModuleHandleA
MulDiv
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynW
GetShortPathNameW
SetThreadPriority
InterlockedDecrement
QueryDosDeviceW
GetVolumeInformationW
SetFilePointer
GetExitCodeThread
SetEnvironmentVariableW
LeaveCriticalSection
EnterCriticalSection
SystemTimeToTzSpecificLocalTime
CreateFileW
DeviceIoControl
GetVolumeNameForVolumeMountPointW
TerminateThread
GetLogicalDrives
LoadLibraryA
LocalAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GetTempFileNameW
GetCurrentDirectoryW
SetVolumeLabelW
GetDriveTypeW
GetCompressedFileSizeW
CreateThread
RaiseException
GetModuleHandleW
WriteFile
GetLocalTime
GetComputerNameW
GetSystemTime
FileTimeToLocalFileTime
CopyFileExW
FlushFileBuffers
LoadLibraryW
GetProcAddress
CopyFileW
WideCharToMultiByte
GetCurrentThread
GetCurrentProcess
TerminateProcess
CreateToolhelp32Snapshot
OpenProcess
ReleaseMutex
MoveFileExW
GetTickCount
ResetEvent
FileTimeToSystemTime
SystemTimeToFileTime
FormatMessageW
LocalFree
GetEnvironmentVariableW
GetTempPathW
GetUserDefaultLangID
lstrlenA
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
ReadFile
GetFileTime
SetFileTime
GetFileSize
MoveFileW
CreateDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
RemoveDirectoryW
GetCurrentThreadId
CreateEventW
GetLastError
SetLastError
GetFileAttributesExW
WaitForSingleObject
GetPrivateProfileIntW
ExpandEnvironmentStringsW
SuspendThread
GetVersionExW
ExitProcess
ResumeThread
LoadLibraryExW
FindResourceExW
FreeLibrary
lstrlenW
GetPrivateProfileStringW
InitializeCriticalSection
DeleteCriticalSection
OpenMutexW
CreateMutexW
GetCommandLineW
GlobalFree
GetCurrentProcessId
CloseHandle
CreateProcessW
WritePrivateProfileStringW
GetModuleFileNameW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
SetEvent
Sleep
FindResourceW
LoadResource
LockResource
VirtualFree
SizeofResource
user32
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
CharUpperW
DestroyMenu
SetWindowContextHelpId
MapDialogRect
ValidateRect
SetMenuItemBitmaps
CheckMenuItem
GetMenuCheckMarkDimensions
GetActiveWindow
CreateDialogIndirectParamW
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
CheckRadioButton
CheckDlgButton
WinHelpW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenuEx
SetScrollPos
GetScrollPos
GetMenu
AdjustWindowRectEx
SetScrollInfo
RegisterClassW
GetDlgCtrlID
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
RegisterClipboardFormatW
GetMenuItemID
GetMenuItemCount
CallWindowProcW
GetScrollInfo
GetComboBoxInfo
GetCapture
GetNextDlgTabItem
WindowFromDC
SendMessageW
LoadIconW
IsWindow
DestroyIcon
EnableWindow
LoadImageW
PostMessageW
PostQuitMessage
RegisterWindowMessageW
MessageBoxW
GetWindow
MessageBeep
EnableMenuItem
CopyRect
GetClipboardData
CloseClipboard
OpenClipboard
InflateRect
GetSystemMenu
ShowWindow
WaitForInputIdle
SendMessageTimeoutW
CreateWindowExW
RegisterDeviceNotificationW
DestroyWindow
UnregisterDeviceNotification
PeekMessageW
PostThreadMessageW
GetMessageW
TranslateMessage
DispatchMessageW
ReleaseDC
GetDC
EqualRect
UpdateWindow
DrawEdge
GrayStringW
DrawTextExW
TabbedTextOutW
GetKeyState
SetCursor
DestroyCursor
ReleaseCapture
WindowFromPoint
IsChild
SetCapture
IsWindowVisible
ScreenToClient
FrameRect
PtInRect
GetSysColor
SetWindowRgn
GetClassInfoW
DefWindowProcW
DrawFocusRect
IntersectRect
OffsetRect
IsRectEmpty
UnregisterClassW
LoadCursorW
GetSysColorBrush
RegisterClassExW
GetSystemMetrics
SetRect
GetDesktopWindow
IsIconic
DrawTextW
LoadBitmapW
UnhookWindowsHookEx
GetMenuState
GetSubMenu
ModifyMenuW
RemoveMenu
LoadMenuW
BringWindowToTop
GetWindowRect
SetForegroundWindow
GetCursorPos
GetAsyncKeyState
TranslateAcceleratorW
LoadAcceleratorsW
GetParent
SetParent
InvalidateRect
GetClientRect
SetFocus
GetFocus
CreatePopupMenu
InsertMenuW
ClientToScreen
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW
GetWindowThreadProcessId
EnumWindows
wsprintfW
RedrawWindow
TrackPopupMenu
gdi32
SetBkMode
SetBkColor
RestoreDC
GetRgnBox
GetMapMode
SelectPalette
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
CreateDIBSection
SaveDC
GetRandomRgn
GetPixel
CreateBitmap
StretchDIBits
GetBitmapBits
CreateBitmapIndirect
GetCurrentObject
GetTextColor
GetBkColor
SelectObject
CreateRectRgnIndirect
RoundRect
Rectangle
CreateICW
DeleteDC
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleBitmap
SetPixelV
GetTextExtentPoint32W
RealizePalette
GetDeviceCaps
CreateSolidBrush
OffsetRgn
CombineRgn
CreateRectRgn
CreatePolygonRgn
ExtSelectClipRgn
CreateCompatibleDC
StretchBlt
GetObjectW
DeleteObject
CreateFontIndirectW
BitBlt
GetStockObject
CreatePen
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
CryptHashData
RegFlushKey
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegEnumValueW
CryptAcquireContextW
CryptDecrypt
CryptEncrypt
CryptCreateHash
RegCloseKey
CryptDeriveKey
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
GetLengthSid
LookupAccountNameW
IsValidSid
GetUserNameW
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
OpenThreadToken
OpenProcessToken
comctl32
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
ImageList_GetImageInfo
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
shlwapi
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
SHCopyKeyW
PathIsDirectoryW
SHDeleteKeyW
StrFormatByteSizeW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CLSIDFromProgID
CoTaskMemAlloc
CLSIDFromString
CoCreateInstance
CoUninitialize
CoCreateGuid
StringFromCLSID
CoTaskMemFree
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleFlushClipboard
CoRegisterMessageFilter
OleIsCurrentClipboard
CoRevokeClassObject
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
SysStringLen
SysAllocStringLen
VariantChangeType
SystemTimeToVariantTime
VariantCopy
OleCreateFontIndirect
urlmon
URLDownloadToFileW
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 216KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ