2024-04-18_b715d11520d8fe4990e80f534e882fc0_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-18_b715d11520d8fe4990e80f534e882fc0_icedid
Size

832KB
MD5

b715d11520d8fe4990e80f534e882fc0
SHA1

94517863ef4993253923bbb5839cde2cbec4d399
SHA256

bc2bdbf2783ebf3c6c0191d69419019336d54b7b24034f2a6f6fd82cf58e7d6c
SHA512

5ff443bcee9262fdb42b0cd84a86e0c5479064581a100d7964a59ded7830d7c7f0bc8cea840758fb9797fed2bc0a1e5409f90d13d3e0b17039aa21693bd0a135
SSDEEP

12288:dZ4yo5aSRPNw469MdkJQBr8B2ZZvNUR2IjanfVrl3btnzBHu3EP:waSfwIkJQaB2ZcandJDH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-18_b715d11520d8fe4990e80f534e882fc0_icedid

Files

2024-04-18_b715d11520d8fe4990e80f534e882fc0_icedid
.exe windows:4 windows x86 arch:x86

663c2b75a085e044bfaa105bda185e5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
CreateFileW
LocalFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
Process32Next
Process32First
CopyFileW
CreateDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetComputerNameW
WideCharToMultiByte
GetCurrentProcess
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
GlobalFree
SetLastError
FindClose
GetVersionExA
lstrcmpW
LoadLibraryA
GetModuleHandleA
lstrlenA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GlobalGetAtomNameW
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
lstrcmpiA
lstrcmpA
FileTimeToSystemTime
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
GetStartupInfoW
HeapAlloc
HeapFree
ExitProcess
RtlUnwind
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetOEMCP
GetCPInfo
TerminateProcess
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTickCount
SetUnhandledExceptionFilter
GetTimeFormatA
GetDateFormatA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryW
GetProcAddress
DeleteFileW
ReleaseMutex
GetCurrentThread
GetCurrentThreadId
ResetEvent
lstrcatW
Sleep
SetEvent
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
Thread32Next
CreateMutexW
FormatMessageW
LocalAlloc
CreateEventW
CreateThread
CloseHandle
WaitForSingleObject
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
lstrcpynW
LeaveCriticalSection
EnterCriticalSection
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrcpyW
lstrlenW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

SetCursor
GetActiveWindow
DestroyMenu
LoadMenuW
ReuseDDElParam
UnpackDDElParam
ValidateRect
GetCursorPos
PostQuitMessage
ShowOwnedPopups
CharUpperW
GetSysColorBrush
InflateRect
GetMenuItemInfoW
SystemParametersInfoW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
MessageBoxW
TrackPopupMenu
GetKeyState
ReleaseCapture
SetForegroundWindow
TabbedTextOutW
GetMenu
PostMessageW
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
SetMenu
GetWindowRect
GetSystemMetrics
CopyRect
PtInRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
FillRect
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorW
EndPaint
BeginPaint
LoadBitmapW
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
UpdateWindow
UnregisterClassW
SendMessageW
PeekMessageW
GetMessageW
PostThreadMessageW
wsprintfW
EnableWindow
LoadCursorW
CharNextW
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
GetWindowPlacement
DrawTextW
GetMessageTime
GetMessagePos
LoadIconW
GetClientRect
MapWindowPoints
IsWindowVisible

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegEnumValueW
RegConnectRegistryW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

StringFromCLSID
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoCreateGuid
CoInitialize
CLSIDFromProgID
CoRegisterMessageFilter
CoUninitialize
CoInitializeEx
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
OleRun

oleaut32

VariantTimeToSystemTime
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
VarBstrFromDate
GetErrorInfo
SysAllocString
SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VarBstrCmp
VariantClear
VariantCopy
VarUI4FromStr
VariantInit
LoadRegTypeLi
LoadTypeLi
SystemTimeToVariantTime
VarUdateFromDate
UnRegisterTypeLi
RegisterTypeLi
DispCallFunc
SafeArrayGetElement
SysAllocStringLen
VariantChangeType

rpcrt4

UuidToStringA
RpcStringFreeA
UuidCreate

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsW

oledlg

OleUIBusyW

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
DeleteObject
SetMapMode
GetTextExtentPoint32W
CreateFontIndirectW
CreateCompatibleBitmap
CreateSolidBrush
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
SetViewportExtEx
ScaleViewportExtEx

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

comdlg32

GetFileTitleW

shell32

DragFinish
DragQueryFileW
SHFileOperationW
SHGetFolderPathW

Sections

.text
Size: 572KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

663c2b75a085e044bfaa105bda185e5d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

rpcrt4

comctl32

shlwapi

oledlg

oleacc

gdi32

winspool.drv

comdlg32

shell32

Sections

.text Size: 572KB - Virtual size: 568KB

.rdata Size: 192KB - Virtual size: 189KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 52KB - Virtual size: 49KB

.text
Size: 572KB - Virtual size: 568KB

.rdata
Size: 192KB - Virtual size: 189KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 52KB - Virtual size: 49KB