2024-04-17_572efd806c3d3eaa96be4178897ffa6f_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-17_572efd806c3d3eaa96be4178897ffa6f_icedid
Size

440KB
MD5

572efd806c3d3eaa96be4178897ffa6f
SHA1

b80f9f69cfd9df8683a6cb2a58b984ad9a59f8b1
SHA256

766f59dcfd953846552c2264eb888abd6d0b96b3d5488bf31170c83ad4c9a364
SHA512

e2e4ad9212fe07a4eab4b3ced2017380cdaa74472a15be01aa1032a66c1625b1b4a9361f2471b4605bbc11898aa0f38d9d84643aa1d4ee3c700810126232ec9d
SSDEEP

12288:bsfwacBy3+SJ4uzsQrIFheZ1Qcq1su+QNYT:bsfwyJsQUF8/lu+E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-17_572efd806c3d3eaa96be4178897ffa6f_icedid

Files

2024-04-17_572efd806c3d3eaa96be4178897ffa6f_icedid
.exe windows:4 windows x86 arch:x86

b782f745fc18169af202968c91eacbf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetFileTime
GetFileAttributesA
SetErrorMode
GetShortPathNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
InterlockedDecrement
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalAlloc
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetTickCount
Sleep
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CreateDirectoryA
lstrlenA
CreateEventA
GetCurrentProcessId
MultiByteToWideChar
Beep
GetCurrentDirectoryA
CreateThread
ResumeThread
CopyFileA
RemoveDirectoryA
DeleteFileA
GetLastError
SetCurrentDirectoryA
GetSystemTime
MulDiv
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetFileType
InterlockedExchange

user32

InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
LoadCursorA
GetSysColorBrush
DestroyMenu
wsprintfA
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuState
CheckMenuItem
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenuItemID
GetMenuItemCount
EnableWindow
GetDC
SendMessageA
GetWindowRect
FillRect
GetClientRect
ReleaseDC
PostMessageA
GetAsyncKeyState
DrawIcon
GetMenuCheckMarkDimensions
IsIconic
SetTimer
LoadIconA
GetSystemMetrics
wsprintfW
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
PostThreadMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
RemovePropA
SetCapture
UpdateWindow
GetFocus
DeleteMenu
EnableMenuItem
GetMenuStringA
GetSubMenu
ModifyMenuA
LoadMenuA
GetMenu
SetMenu
DrawMenuBar
KillTimer
EnumDisplayMonitors
MonitorFromPoint
CharUpperA
UnregisterClassA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow

gdi32

CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetMapMode
CreateFontIndirectA
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateFontA
GetStockObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetBitmapBits
CreateSolidBrush
GetDeviceCaps
GetObjectA
GetWindowExtEx

comdlg32

GetFileTitleA
GetSaveFileNameA
ChooseColorA
GetOpenFileNameA
ChooseFontA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

SHFileOperationA
ShellExecuteA

comctl32

ord17

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoGetClassObject
CoCreateInstance
GetRunningObjectTable
CreateItemMoniker
CoInitialize
CoUninitialize
CoTaskMemFree
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes

oleaut32

SysFreeString
VariantClear
VariantInit
VariantChangeType
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
OleCreatePropertyFrame

Sections

.text
Size: 308KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b782f745fc18169af202968c91eacbf9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 308KB - Virtual size: 304KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 16KB - Virtual size: 1.7MB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 308KB - Virtual size: 304KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 16KB - Virtual size: 1.7MB

.rsrc
Size: 40KB - Virtual size: 38KB