2024-04-22_f5128f7fbdef88c5346f7245542c59fc_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-22_f5128f7fbdef88c5346f7245542c59fc_icedid
Size

412KB
MD5

f5128f7fbdef88c5346f7245542c59fc
SHA1

f478b5e83497858af3decfa3da5d6a8e07d8a676
SHA256

aadf2016dd53a8a34d4a14c4ccf39295cd27f543afd6729895ea5c911c14fffc
SHA512

d9a47debc23210057078de22838f94f9ca184cab3870c705d50b937f083c2fe9d4c4256ca73d5b4afbff75c97ba4d123fcd2777f121509c5e75a3cda35a89063
SSDEEP

12288:2ksTjKw2IYLckY3Wv3VdDZto7PcxQLe9E+lXS:2kQkc1W/VDKze7Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-22_f5128f7fbdef88c5346f7245542c59fc_icedid

Files

2024-04-22_f5128f7fbdef88c5346f7245542c59fc_icedid
.exe windows:4 windows x86 arch:x86

8fb810ef90c57333951f77d1a920f868

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

Netbios

advapi32

RegOpenKeyA
RegEnumKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
StartServiceA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
GetUserNameA
CreateProcessAsUserA
DuplicateTokenEx
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
QueryServiceStatus
EnumServicesStatusA
RegUnLoadKeyA
RegLoadKeyA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueA

wininet

DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache

kernel32

WritePrivateProfileStringA
GetCurrentDirectoryA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
CreateFileA
GetFileTime
SetErrorMode
GetTickCount
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
GetTimeZoneInformation
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
FileTimeToLocalFileTime
FindNextFileA
FileTimeToSystemTime
InterlockedDecrement
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
MulDiv
GlobalLock
GlobalUnlock
FormatMessageA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
GlobalFree
GlobalAlloc
SetFileAttributesA
FindFirstFileA
FindClose
CreateFileMappingA
GetExitCodeProcess
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetComputerNameA
MultiByteToWideChar
TerminateProcess
LoadLibraryA
GetProcAddress
OpenProcess
FreeLibrary
GetSystemTime
SetSystemTime
DeleteFileA
WaitForSingleObject
CreateProcessA
TerminateThread
WideCharToMultiByte
SetLastError
LocalAlloc
LocalFree
lstrlenA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentProcess
CreateMutexA
GetLastError
Sleep
GetFileAttributesA

user32

RegisterClipboardFormatA
PostThreadMessageA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
LoadCursorA
MessageBoxA
GetKeyState
MessageBeep
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
CharUpperA
GetSystemMetrics
wsprintfA
LoadIconA
FindWindowA
KillTimer
SetTimer
EnableWindow
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
GetClientRect
GetSystemMenu
PostMessageA
AppendMenuA
DrawIcon
SendMessageA
GetPropA
SetForegroundWindow
GetLastActivePopup
GetWindow
GetDesktopWindow
IsIconic
ReleaseCapture
SetCapture
CharNextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetCursor
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MapWindowPoints
IsDialogMessageA

gdi32

SaveDC
RestoreDC
SetMapMode
DeleteObject
GetClipBox
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ExtTextOutA
GetDeviceCaps
CreateBitmap
GetObjectA
SetTextColor
ScaleWindowExtEx
SetBkColor

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

shell32

SHAddToRecentDocs
ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoRevokeClassObject
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
VariantChangeType

ws2_32

WSACleanup
gethostname
gethostbyname
inet_ntoa
WSAStartup

Sections

.text
Size: 316KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fb810ef90c57333951f77d1a920f868

Headers

File Characteristics

Imports

netapi32

advapi32

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 316KB - Virtual size: 313KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 316KB - Virtual size: 313KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 16KB - Virtual size: 14KB