2024-04-19_c9d5e29e0523397f510cbbc4b5d65954_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-19_c9d5e29e0523397f510cbbc4b5d65954_icedid
Size

648KB
MD5

c9d5e29e0523397f510cbbc4b5d65954
SHA1

156c630a3d850313e5a72a750452607abe6f0afe
SHA256

a723e4170cece53abf68784a9a35e6e7e12c07e4318ac71a8ef598c8d96bb321
SHA512

62a1ce55c4331ee32983a45c441420a66e2b95036c716c060cf5c1239af96c669474f38861507415d2210e9913fb37e220e3223b337b5989da0350b0b14720a4
SSDEEP

12288:eqWLg6yXmEQ/6hJuV2rAbpni0Avc1nwL/zTDbthqTY/KgbFTw:EgnJQaAbpn1N1w7zTDrqT6Kn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-19_c9d5e29e0523397f510cbbc4b5d65954_icedid

Files

2024-04-19_c9d5e29e0523397f510cbbc4b5d65954_icedid
.exe windows:4 windows x86 arch:x86

ce9de3a5ae91ae41a101632388a117f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
closesocket
shutdown
WSACloseEvent
connect
WSAEventSelect
WSASocketA
WSARecv
WSASend
bind
setsockopt
WSARecvFrom
gethostbyname
WSACleanup
WSAEnumNetworkEvents
WSAGetLastError
htonl
inet_addr
htons
inet_ntoa
WSACreateEvent
WSASendTo

wininet

HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

kernel32

GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetTickCount
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ExitThread
CreateThread
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetEnvironmentVariableA
GlobalFlags
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetTimeZoneInformation
SetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFileTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
FreeResource
GetModuleHandleA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynA
WaitForMultipleObjects
ResetEvent
LeaveCriticalSection
EnterCriticalSection
InterlockedCompareExchange
GetCurrentDirectoryA
SetVolumeLabelA
GetDiskFreeSpaceA
GetDriveTypeA
MoveFileA
CreateDirectoryA
FormatMessageA
LocalFree
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedIncrement
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetWindowsDirectoryA
CreateProcessA
SetEvent
Sleep
CreateEventA
WaitForSingleObject
LoadResource
LockResource
SizeofResource
FindResourceA
GetModuleFileNameA
FreeLibrary
LoadLibraryA
GetProcAddress
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileA
ReadFile
CloseHandle
GetFileSize
GetLastError
lstrlenA
lstrcmpiA
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
SetCurrentDirectoryA

user32

RegisterClipboardFormatA
PostThreadMessageA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
InvalidateRgn
CopyAcceleratorTableA
SetRect
DestroyMenu
GetMenuItemInfoA
InflateRect
GetSysColorBrush
SetWindowRgn
DrawIcon
IsRectEmpty
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetNextDlgGroupItem
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
FillRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharToOemBuffA
OemToCharBuffA
UnregisterClassA
CharNextA
CopyRect
SetCapture
GetCapture
PtInRect
ReleaseCapture
LoadCursorA
CopyIcon
SetCursor
MessageBeep
KillTimer
IsIconic
GetSystemMetrics
LoadMenuA
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
GetMessagePos
InsertMenuItemA
FindWindowA
SetTimer
GetClassNameA
LoadIconA
PostQuitMessage
wsprintfA
MessageBoxA
GetWindowRect
GrayStringA
DrawTextExA
TabbedTextOutA
GetClientRect
DrawTextA
GetSysColor
InvalidateRect
PostMessageA
SendMessageA
LoadBitmapA
EnableWindow
CharUpperA
SetForegroundWindow

gdi32

CreateSolidBrush
GetViewportExtEx
CreateEllipticRgn
LPtoDP
Ellipse
CreateRectRgnIndirect
GetMapMode
GetTextExtentPoint32A
GetRgnBox
GetBkColor
GetTextColor
DeleteObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPixel
SetTextColor
SelectObject
SetBkMode
GetStockObject
GetBitmapDimensionEx
BitBlt
CreateCompatibleDC
CreateBitmap
GetClipBox
SetMapMode
SetBkColor
RestoreDC
SaveDC
GetObjectA
GetDeviceCaps
CreateFontIndirectA
CreateFontA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
GetWindowExtEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA

shell32

DragFinish
DragQueryFileA
ShellExecuteA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayAccessData
OleCreateFontIndirect
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString

winmm

mmioSetInfo
mmioAdvance
mmioSeek
mmioWrite
mmioOpenA
mmioCreateChunk
timeGetTime
mmioAscend
mmioRead
mmioDescend
mmioClose
mmioGetInfo

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

dsound

ord11

Sections

.text
Size: 472KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce9de3a5ae91ae41a101632388a117f3

Headers

File Characteristics

Imports

ws2_32

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

winmm

oleacc

dsound

Sections

.text Size: 472KB - Virtual size: 470KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 36KB - Virtual size: 49KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 472KB - Virtual size: 470KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 36KB - Virtual size: 49KB

.rsrc
Size: 20KB - Virtual size: 19KB