Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-17_ac2b9ca19512b41960ee4b2c7014627b_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-17_ac2b9ca19512b41960ee4b2c7014627b_icedid.exe
Resource: win10v2004-20240226-en
General
Target: 2024-04-17_ac2b9ca19512b41960ee4b2c7014627b_icedid
Size: 1.7MB
MD5: ac2b9ca19512b41960ee4b2c7014627b
SHA1: af1cbc8453284a63770d5cc1b936ab0d79d84f8e
SHA256: 5fe3f6994b9aad6af2506e16915bc0cf5094bf6dd22f43946577d4071cfce9a2
SHA512: e31cd1a64535443550ab510a628e39ffa7f1c37e84ec552be3384e111fc0192b9796f77ef5235be883f33585aa050b5d443c12c0999898b624ee6712d5e3707c
SSDEEP: 24576:Z161actO2qBFdpCslTorPak1ry7z0CYF+0IlY1Ci9/f6uxZOGucq+TIh+A:Zv1BnpCkTorSz0hFbIlY1Ci9/PHq+TI5
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2024-04-17_ac2b9ca19512b41960ee4b2c7014627b_icedid
Files
2024-04-17_ac2b9ca19512b41960ee4b2c7014627b_icedid.exe windows:4 windows x86 arch:x86
489b00a77e3fd883a50c36aac3620dd1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
GetThreadLocale
DuplicateHandle
GetFullPathNameA
GetProfileIntA
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
WritePrivateProfileStringA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
HeapAlloc
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
CreateThread
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetStdHandle
GetACP
LCMapStringA
LCMapStringW
UnlockFile
GetConsoleMode
SetHandleCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
LockFile
SystemTimeToFileTime
FileTimeToLocalFileTime
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetModuleFileNameW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
GlobalSize
VirtualLock
GetFileType
FlushFileBuffers
VirtualAlloc
VirtualFree
SetCurrentDirectoryA
GetFileAttributesA
CreateMutexA
ReleaseMutex
InterlockedDecrement
InterlockedIncrement
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
ExitThread
LocalAlloc
LocalFree
lstrcpynA
WinExec
GlobalAlloc
InterlockedCompareExchange
CreateSemaphoreW
ReleaseSemaphore
CreateFileW
GetSystemTime
ReadProcessMemory
VirtualProtectEx
WriteProcessMemory
VirtualAllocEx
GetSystemDirectoryW
GetFullPathNameW
lstrcpyW
GetCurrentDirectoryW
FindResourceW
FindResourceExW
WaitForMultipleObjects
GetModuleHandleW
LoadLibraryW
CreateRemoteThread
CreateEventW
LoadLibraryExW
EnumResourceNamesW
lstrcatW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
lstrcpynW
IsBadWritePtr
ResetEvent
IsBadReadPtr
OpenEventW
WaitForMultipleObjectsEx
GlobalLock
GlobalFree
GlobalUnlock
GetFileSizeEx
SetEndOfFile
SetFileAttributesA
SetFilePointerEx
SetLastError
GetCurrentProcess
GetTickCount
GetFileTime
MulDiv
SetFileTime
LoadResource
LockResource
SizeofResource
FindResourceA
GetLogicalDrives
GetWindowsDirectoryA
GetVolumeInformationA
lstrcpyA
lstrcatA
CreateDirectoryA
FindNextFileA
CreateProcessA
WaitForSingleObject
Sleep
SetVolumeLabelA
GetLocalTime
GetCurrentProcessId
GetVersionExA
GetCurrentThreadId
GetModuleHandleA
DeleteFileA
CopyFileA
FindFirstFileA
FindClose
GetDriveTypeA
GetLogicalDriveStringsA
GetFileSize
GetDiskFreeSpaceExA
FormatMessageA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
CreateFileA
CloseHandle
DeviceIoControl
ReadFile
SetFilePointer
GetLastError
WriteFile
lstrlenA
lstrcmpiA
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
MultiByteToWideChar
InterlockedExchange
GetVersion
GetConsoleCP
FlushInstructionCache
user32
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GetMessageA
ValidateRect
IsDialogMessageA
GetDlgItemTextA
GetDlgItemInt
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
CheckMenuItem
RegisterWindowMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
MapWindowPoints
TrackPopupMenu
IsWindowVisible
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
CallWindowProcA
IntersectRect
GetWindowPlacement
GetWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
GetMenuState
wsprintfA
TranslateAcceleratorA
LoadAcceleratorsA
SetCapture
PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
GetWindowTextA
DialogBoxParamA
SetFocus
SetWindowTextA
SendDlgItemMessageA
EndDialog
GetAsyncKeyState
SetRect
DrawFrameControl
DrawEdge
wsprintfW
FrameRect
FillRect
InflateRect
DrawStateA
GetIconInfo
CopyRect
OffsetRect
RedrawWindow
LoadImageA
DestroyIcon
FindWindowA
FindWindowExA
RegisterClassExA
MoveWindow
GetDlgCtrlID
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassA
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
GetClipboardData
GetMenuItemID
GetMenuItemCount
MessageBeep
GetDCEx
LockWindowUpdate
PostThreadMessageA
RegisterClipboardFormatA
SetParent
SystemParametersInfoA
EnableMenuItem
DeleteMenu
CreateMenu
CreatePopupMenu
AppendMenuA
IsIconic
DrawIcon
GetMenu
ModifyMenuA
SetMenu
LoadIconA
LoadMenuA
PtInRect
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetScrollRange
DrawFocusRect
GetSystemMetrics
GetScrollRange
SetScrollPos
GetScrollPos
ScreenToClient
GetCursorPos
WindowFromPoint
ReleaseDC
ClientToScreen
IsRectEmpty
GetKeyState
GetSubMenu
TrackPopupMenuEx
PostMessageA
SetRectEmpty
GetSysColor
InvalidateRect
GetClassInfoA
DefWindowProcA
DestroyMenu
GetFocus
IsWindow
GetParent
GetClipboardViewer
GetClipboardOwner
GetDesktopWindow
GetCapture
GetActiveWindow
GetMessagePos
GetMessageTime
GetDC
SetClassLongA
GetClientRect
SetDlgItemTextA
UpdateWindow
GetForegroundWindow
GetWindowThreadProcessId
SetForegroundWindow
SetWindowPos
LoadStringA
LoadStringW
GetWindowLongA
GetWindowRect
KillTimer
SetTimer
CreateWindowExA
SetWindowLongA
SendMessageA
ShowWindow
GetDlgItem
EnableWindow
LoadCursorA
SetCursor
CharUpperA
ReleaseCapture
gdi32
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
ScaleWindowExtEx
SetRectRgn
CombineRgn
GetCharWidthA
SetMapMode
StretchDIBits
GetTextColor
GetRgnBox
CreatePen
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
CreateFontA
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CopyMetaFileA
SelectObject
PatBlt
DeleteObject
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetObjectA
GetTextExtentPoint32A
BitBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetTextMetricsA
CreateRectRgnIndirect
GetDeviceCaps
ExcludeClipRect
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegOpenKeyW
OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExW
CryptAcquireContextA
CryptGenRandom
IsTextUnicode
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
shell32
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ExtractIconExA
SHGetFileInfoA
DragFinish
DragQueryFileA
SHGetFolderPathA
ShellExecuteA
comctl32
_TrackMouseEvent
ord17
shlwapi
StrFormatByteSize64A
StrStrIA
SHAutoComplete
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
oledlg
ord8
ole32
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleDuplicateData
StgCreateDocfileOnILockBytes
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
CoMarshalInterface
CoUnmarshalInterface
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoCreateGuid
oleaut32
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
Sections
.text (Size: 908KB - Virtual size: 906KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 164KB - Virtual size: 163KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 472KB - Virtual size: 713KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 236KB - Virtual size: 234KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ