Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-23_b658870967000b6d85695da6b0e2aab2_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-23_b658870967000b6d85695da6b0e2aab2_icedid.exe
  Resource: win10v2004-20240412-en
General
- Target: 2024-04-23_b658870967000b6d85695da6b0e2aab2_icedid
- Size: 3.0MB
- MD5: b658870967000b6d85695da6b0e2aab2
- SHA1: 958a9ea9c5074757385aba71598403399680e671
- SHA256: fcae5b9e64d082ef7349c7fca8987f860af1ab53fa2348b0e10797c804027655
- SHA512: d8d6536e1d7b866905534a26feeb0d2c05f0b1c256213dc24e07f9c484ac82a0a22491ce68ebd15a0314b5669b1c285745e0570dccb90172f7c91356b5c82c10
- SSDEEP: 49152:Qxef0dxpM9wbBjH5o1Exu9zruyzxFi0mIVLhV+ErxABNhgpi2TZaluOujxt:QxefUpM9EjW+A9zrfzxc0mIVLhzr6BN+
Malware Config
No configuration was extracted for this sample.
Signatures
- Unsigned PE (1 IoC)
  Checks for a missing Authenticode signature, i.e. no signature blob is attached to the file. This is a static property rather than a behaviour: plenty of legitimate binaries are unsigned, and a signature that is present would still have to be verified (chain, revocation, timestamp) before it counts for anything.
  resource: 2024-04-23_b658870967000b6d85695da6b0e2aab2_icedid
Note that the "_icedid" suffix is part of the submitted filename; nothing on this page attributes the sample to the IcedID family, and this static signature is the only hit recorded.
Files
- 2024-04-23_b658870967000b6d85695da6b0e2aab2_icedid.exe  windows:4 windows x86 arch:x86
  imphash: 7e8cbebba22f5c37c70a1eeb97cd94d9 (the 32-hex value the report prints under the file entry; read here as the import hash, which is how this field is usually laid out)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
(RELOCS_STRIPPED means the image ships no base relocations, so it loads at its preferred ImageBase and is not randomised by ASLR; EXECUTABLE_IMAGE without IMAGE_FILE_DLL marks it as a 32-bit executable rather than a library.)
Imports
setupapi
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
CM_Remove_SubTree
CM_Locate_DevNodeA
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
CM_Get_Sibling
CM_Get_Parent
CM_Request_Device_EjectW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
newdev
UpdateDriverForPlugAndPlayDevicesA
dbghelp
MakeSureDirectoryPathExists
kernel32
InterlockedDecrement
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
LockResource
LoadResource
FindResourceA
DuplicateHandle
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
GetThreadLocale
lstrcmpA
GlobalReAlloc
SuspendThread
lstrlenW
GetCurrentThread
GetFileTime
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
SizeofResource
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
RaiseException
GetFileType
GetTimeZoneInformation
GetSystemTime
ExitProcess
TerminateProcess
ExitThread
GetStartupInfoA
GetACP
HeapSize
HeapReAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetStdHandle
SetHandleCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
InterlockedIncrement
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalUnlock
GetProfileStringA
MoveFileExA
LocalLock
OutputDebugStringA
GetProcAddress
GetModuleHandleA
Sleep
MulDiv
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpyA
CloseHandle
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
CreateFileA
ReadFile
WriteFile
SetThreadPriority
CreateThread
CreateEventA
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
SetEvent
ResetEvent
CopyFileA
GetFileSize
GetTickCount
CreateDirectoryA
GetFileAttributesA
GetVersionExA
FreeLibrary
LoadLibraryA
GetExitCodeProcess
WritePrivateProfileSectionA
GetPrivateProfileSectionA
SetLastError
lstrlenA
LocalAlloc
LocalFree
GetLastError
GetWindowsDirectoryA
DeleteFileA
SetFileAttributesA
FindClose
FindNextFileA
lstrcatA
FindFirstFileA
GetSystemDirectoryA
GetUserDefaultUILanguage
GlobalUnlock
GlobalLock
GlobalAlloc
DeviceIoControl
GetVolumeInformationA
GlobalSize
GetLocalTime
PeekNamedPipe
CreateProcessA
CreatePipe
GetStdHandle
InitializeCriticalSection
GetModuleFileNameA
MapViewOfFile
CreateFileMappingA
MoveFileA
GetCommandLineA
GetComputerNameA
lstrcpynA
SetFilePointer
RemoveDirectoryA
FormatMessageA
GetPrivateProfileSectionNamesA
WritePrivateProfileStructA
GetTempPathA
ResumeThread
CreateMutexA
ReleaseMutex
GlobalFree
GetLogicalDrives
FileTimeToLocalFileTime
CreateFileW
GetFileAttributesExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFilePointerEx
FindFirstFileW
GetFileAttributesW
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetDriveTypeW
GetVolumeInformationW
WideCharToMultiByte
SetVolumeLabelW
FlushFileBuffers
UnmapViewOfFile
TerminateThread
QueryDosDeviceA
GetDriveTypeA
user32
GetSysColorBrush
DestroyMenu
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
IsClipboardFormatAvailable
GetMessageA
ValidateRect
GetDesktopWindow
LoadStringA
EndPaint
BeginPaint
GetWindowDC
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemInt
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
ScrollWindow
GetScrollInfo
GetScrollPos
GetTopWindow
IsChild
GetClassInfoA
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EnumWindows
FindWindowExA
SendMessageTimeoutA
UnregisterClassA
HideCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
SendMessageA
GetParent
EnableWindow
ReleaseCapture
CharUpperW
SetWindowPos
LoadCursorA
RegisterClassA
CreateWindowExA
DestroyWindow
DefWindowProcA
ModifyMenuA
GetMenuItemID
GetMenuItemCount
ScreenToClient
GetMenuState
IsIconic
DrawIcon
GetSystemMetrics
GetSystemMenu
CharNextA
CopyAcceleratorTableA
PostThreadMessageA
WinHelpA
SetMenu
GetMenu
LoadMenuA
RemoveMenu
GetSubMenu
EnableMenuItem
CheckMenuItem
AppendMenuA
MessageBoxA
GetMessagePos
LockWindowUpdate
PostMessageA
GetKeyState
GetSysColor
SetRect
DrawFocusRect
OffsetRect
WindowFromPoint
GetCursorPos
GetCapture
ClientToScreen
SetActiveWindow
GetNextDlgGroupItem
DispatchMessageA
TranslateMessage
PeekMessageA
RedrawWindow
SetWindowLongA
GetWindowLongA
GetKeyNameTextA
LoadImageA
IsWindow
InflateRect
LoadBitmapA
ReleaseDC
GetDC
GetClientRect
UpdateWindow
ShowWindow
FindWindowA
FillRect
DrawEdge
TabbedTextOutA
DrawTextA
GrayStringA
SetWindowRgn
GetWindowRect
InvalidateRect
SetTimer
KillTimer
CopyRect
LoadIconA
GetClassNameA
GetClipboardData
SetCursor
ShowCaret
SetCaretPos
CreateCaret
PtInRect
RegisterClipboardFormatA
SetScrollInfo
EnableScrollBar
DragDetect
SetScrollPos
DestroyCaret
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
EnumChildWindows
GetWindowTextA
IsWindowVisible
IsWindowEnabled
CharUpperA
WaitForInputIdle
GetWindow
MessageBeep
CallWindowProcA
wsprintfA
GetFocus
SetCapture
gdi32
Rectangle
RoundRect
StretchBlt
GetPixel
TextOutA
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsA
Escape
CreateFontA
GetCharWidthA
SetBoundsRect
Polygon
GetClipBox
SetTextColor
SetBkColor
PatBlt
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
RectVisible
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
CreateHatchBrush
CopyMetaFileA
GetTextColor
PtVisible
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreatePen
SelectPalette
GetTextExtentPointA
RealizePalette
CreateCompatibleDC
BitBlt
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
CreateFontIndirectA
CreateBitmap
CreateSolidBrush
SelectObject
CreateRectRgn
CombineRgn
SelectClipRgn
GetObjectA
DeleteObject
SetWindowExtEx
CreateDIBitmap
GetStockObject
comdlg32
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegQueryValueExA
SetNamedSecurityInfoA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
shell32
SHFileOperationA
ShellExecuteExA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
comctl32
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_LoadImageA
oledlg
ord8
ole32
OleDuplicateData
CoTaskMemAlloc
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
ReleaseStgMedium
CoInitialize
CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoTaskMemFree
CoRevokeClassObject
CoGetClassObject
OleGetClipboard
olepro32
ord253
oleaut32
SysStringLen
VariantTimeToSystemTime
VarBstrFromDate
VarDateFromStr
SysAllocStringByteLen
SysAllocString
SysFreeString
SysAllocStringLen
VariantChangeType
VariantClear
VariantCopy
OleLoadPicturePath
LoadTypeLi
wsock32
gethostbyname
gethostname
WSACleanup
closesocket
connect
htons
ioctlsocket
socket
WSAStartup
recv
send
listen
htonl
ntohs
getservbyname
ntohl
accept
shutdown
getsockname
getpeername
bind
setsockopt
recvfrom
select
__WSAFDIsSet
sendto
inet_addr
WSASetLastError
WSAGetLastError
WSAAsyncSelect
inet_ntoa
odbc32
ord18
ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord68
ord43
ord41
ord2
ord1
ord50
ord45
ord51
ord15
ord9
ord14
ord3
ord11
ord13
ord61
ord16
ord5
ord10
iphlpapi
GetAdaptersInfo
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
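The 32-hex value printed under the file entry above is the import hash, which is derived from exactly this import list. As an added example (not part of the report and not the sandbox's own code), the following Python implements the imphash normalisation as pefile defines it: lower-case the DLL name, strip a .dll/.ocx/.sys extension, render ordinal-only imports as ordN, join every "library.function" token with commas in table order, and MD5 the result. The sample list is a constructed handful of entries copied from the table above; it is far too short to reproduce the report's value, which needs the complete import table in its on-disk order. One simplification is labelled in the code: pefile additionally resolves ordinals for ws2_32, wsock32 and oleaut32 through a lookup table before hashing, which does not matter for this page because it already prints names for those DLLs.

```python
import hashlib

# Constructed sample: a handful of entries copied from the import table on this page,
# in the order the page lists them. The real table is far longer; this subset only
# exercises the normalisation rules and does not reproduce the report's hash.
SAMPLE_IMPORTS = [
    ("setupapi", "SetupDiSetClassInstallParamsA"),
    ("setupapi", "SetupDiCallClassInstaller"),
    ("newdev", "UpdateDriverForPlugAndPlayDevicesA"),
    ("KERNEL32.dll", "CreateFileA"),   # on disk the DLL name carries its extension
    ("winspool.drv", "OpenPrinterA"),  # .drv is NOT stripped, only .dll/.ocx/.sys are
    ("comctl32", 17),                  # ordinal-only import, printed as "ord17" above
    ("odbc32", 18),
]

STRIPPED_EXTENSIONS = ("dll", "ocx", "sys")


def normalise_library(lib: str) -> str:
    """Lower-case the DLL name and drop a .dll/.ocx/.sys extension, as pefile does."""
    lib = lib.lower()
    base, dot, ext = lib.rpartition(".")
    return base if dot and ext in STRIPPED_EXTENSIONS else lib


def import_entry(lib: str, func) -> str:
    """One 'library.function' token. Ordinals become 'ordN'; pefile would first try to
    map ws2_32/wsock32/oleaut32 ordinals to names, which this version deliberately skips."""
    name = f"ord{func}" if isinstance(func, int) else func.lower()
    return f"{normalise_library(lib)}.{name}"


def imphash_string(imports) -> str:
    """The comma-joined token string that is actually hashed; order matters."""
    return ",".join(import_entry(lib, func) for lib, func in imports)


def imphash(imports) -> str:
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print("imphash:", imphash(SAMPLE_IMPORTS))
```

To check the report's value against the real file, feed the whole table from the binary rather than a transcript: `pefile.PE(path).get_imphash()` does the same computation. Because the string is order-sensitive, two builds with the same API surface but a different link order hash differently, which is why imphash clusters builds of one toolchain or project rather than "anything that imports these APIs".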
Sections
  .text   raw 2.1MB  virtual 2.1MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
  .rdata  raw 132KB  virtual 130KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
  .data   raw 448KB  virtual 1.4MB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
  .rsrc   raw 312KB  virtual 312KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
No section is both writable and executable. The .data section's virtual size exceeds its raw size by roughly 1MB; the loader zero-fills that gap, so the process holds about 1MB of writable memory with no counterpart on disk, and anything written there is only visible in a memory dump, not in the file.
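The three static facts this report records, the "Unsigned PE" signature, the file characteristics and the section table, all come from the PE headers alone. As an added example (not part of the report and not the sandbox's own code), the following Python reads exactly those fields: it decodes the IMAGE_FILE_* and IMAGE_SCN_* bits, tests the security data directory (index 4) to reproduce the "missing Authenticode signature" check, and flags sections whose virtual size exceeds their raw size or that are writable and executable. Because no binary ships with this page, the block also constructs a header-only PE32 image in memory whose characteristics and section sizes mirror the table above; the byte sizes are rounded from the report's KB/MB figures and the virtual addresses are chosen arbitrarily, so they are assumptions, not values read from the sample.

```python
import struct

# Flag tables: the IMAGE_FILE_* / IMAGE_SCN_* bits relevant to the report.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIRECTORY = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode blob


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Header-only triage: characteristics, signature presence, section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dd_off = {0x10B: 96, 0x20B: 112}[magic]        # data directories start, PE32 vs PE32+
    os_major, os_minor = struct.unpack_from("<HH", data, opt + 40)
    num_dd = struct.unpack_from("<I", data, opt + dd_off - 4)[0]
    sec_off = sec_size = 0
    if num_dd > SECURITY_DIRECTORY:
        # Unlike the other directories, this entry holds a file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from("<II", data, opt + dd_off + SECURITY_DIRECTORY * 8)
    sections, shdr = [], opt + opt_size
    for i in range(nsect):
        name, vsize, va, raw, _, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, shdr + i * 40)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_address": va, "raw_size": raw, "virtual_size": vsize,
            "flags": flag_names(sflags, SECTION_FLAGS),
            # the loader zero-fills the gap: memory present at runtime but absent on disk
            "virtual_exceeds_raw": vsize > raw,
            "writable_and_executable": bool(sflags & 0x80000000 and sflags & 0x20000000),
        })
    return {
        "machine": machine,
        "min_os_version": f"{os_major}.{os_minor}",
        "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        # "Unsigned PE" = this directory is empty. A non-empty one only proves a blob is
        # attached; validity still needs WinVerifyTrust, signtool or osslsigncode.
        "signed": sec_off != 0 and sec_size != 0,
        "sections": sections,
    }


def build_minimal_pe(characteristics, sections, security=(0, 0), os_version=(4, 0)) -> bytes:
    """Header-only PE32 image for offline testing (constructed, not a real binary)."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, characteristics)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<HH", opt, 40, *os_version)                   # Major/MinorOperatingSystemVersion
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + SECURITY_DIRECTORY * 8, *security)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, va, raw, 0, 0, 0, 0, 0, fl)
                    for n, vs, va, raw, fl in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


def sample_report_pe() -> bytes:
    """Mirrors the report's header and section table. Sizes are rounded from the KB/MB
    figures and virtual addresses are invented; both are assumptions for the demo."""
    KB, MB = 1024, 1024 * 1024
    return build_minimal_pe(0x010F, [  # RELOCS_STRIPPED|EXECUTABLE|LINE_NUMS|LOCAL_SYMS|32BIT
        (".text",  int(2.1 * MB), 0x001000, int(2.1 * MB), 0x60000020),
        (".rdata", 130 * KB,      0x220000, 132 * KB,      0x40000040),
        (".data",  int(1.4 * MB), 0x242000, 448 * KB,      0xC0000040),
        (".rsrc",  312 * KB,      0x3A8000, 312 * KB,      0x40000040),
    ])


if __name__ == "__main__":
    info = parse_pe(sample_report_pe())
    print("signed:", info["signed"], "| characteristics:", ", ".join(info["characteristics"]))
    for s in info["sections"]:
        print(f"{s['name']:<7} raw={s['raw_size']:>8} virt={s['virtual_size']:>8} "
              f"{' | '.join(s['flags'])}{'  (virtual > raw)' if s['virtual_exceeds_raw'] else ''}")
```

Run against a real file with `parse_pe(open(path, "rb").read())`; the constructed image is only there so the example runs without the sample. The signature check is deliberately the same weak test the "Unsigned PE" signature performs (directory present or not), which is why a `signed: True` result must be followed by actual verification before it is trusted.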