2024-04-23_2536efdf5ec4a474d95ca1c09696d3df_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-23_2536efdf5ec4a474d95ca1c09696d3df_icedid
Size

1.5MB
MD5

2536efdf5ec4a474d95ca1c09696d3df
SHA1

dd09dd5b503df48f53fdff73ea2836fc076b85a3
SHA256

67e46374cc3d37d2cf56144a5c02271638b29c5ad8ec7bdbaf94588e4620988a
SHA512

a05aafd2947fcf38df227cb64c4ba4e3880b0897cced2b677e6ecbb63b73bc955fc9517b52177fc8356afbe03d8695f7bc6badd8ac0346af0e28b68f39116dd9
SSDEEP

24576:RMEJEmn1P1lzFiE6FYcZwZKPWJjFkmKpnT82Kpd+/R2JkpOp2pupGp:RT+Mbdc+DJyT2+/R2JkpOp2pupGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-23_2536efdf5ec4a474d95ca1c09696d3df_icedid

Files

2024-04-23_2536efdf5ec4a474d95ca1c09696d3df_icedid
.exe windows:4 windows x86 arch:x86

e206d0c01007a997fd42e82a70adf8c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetCurrentDirectoryA
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetDriveTypeA
GetLocaleInfoW
GetFileType
SetStdHandle
FindResourceA
GlobalAddAtomA
GetProfileStringA
InterlockedExchange
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapSize
ExitThread
CreateThread
HeapReAlloc
GetDriveTypeW
RaiseException
HeapFree
HeapAlloc
RtlUnwind
GetStartupInfoW
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
FindResourceExW
GetCurrentDirectoryW
GlobalFlags
FindNextFileW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetVolumeInformationW
FindFirstFileW
FindClose
UnlockFile
LockFile
SetFilePointer
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
GetProfileIntW
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetFullPathNameW
GetTempFileNameW
GetFileAttributesW
CreateEventW
SuspendThread
SetEvent
lstrcmpW
lstrcmpA
lstrcmpiA
GetCurrentThread
GlobalGetAtomNameW
GlobalFree
LoadLibraryA
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
InterlockedDecrement
InterlockedIncrement
MulDiv
GetModuleHandleA
SetLastError
lstrlenA
ExitProcess
SizeofResource
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
SetCurrentDirectoryW
FindResourceW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
FlushFileBuffers
WriteFile
ReadFile
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
CloseHandle
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetWindowsDirectoryW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
GetCurrentProcess
GetTempPathW
CreateDirectoryW
GetFileAttributesExW
GetLongPathNameW
GetShortPathNameW
GetLastError
LocalFree
MoveFileW
DeleteFileW
SetThreadPriority
Sleep
CreateProcessW
TerminateProcess
GetExitCodeProcess
GetModuleHandleW
GetProcAddress
GetVersionExW
GetCurrentThreadId
lstrcpynW
lstrcpyW
WaitForSingleObject
ResumeThread
GetTickCount
lstrlenW

user32

MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
PeekMessageW
EqualRect
DeferWindowPos
GetTopWindow
MessageBoxW
WinHelpW
GetClassInfoW
RegisterClassW
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
CreateWindowExW
DefWindowProcW
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SystemParametersInfoW
GetWindowPlacement
GetDlgCtrlID
AdjustWindowRectEx
wsprintfW
EndPaint
BeginPaint
GetWindowDC
SetWindowPos
LockWindowUpdate
CheckMenuItem
IsChild
GetMenu
SetMenu
IsIconic
FindWindowW
ExitWindowsEx
DestroyIcon
TranslateMessage
InsertMenuW
DrawFocusRect
IsWindowEnabled
RegisterWindowMessageW
GetWindow
SetRect
GetMessageW
DispatchMessageW
GetDC
ReleaseDC
ShowWindow
IntersectRect
IsRectEmpty
SetRectEmpty
GetMenuStringW
CallNextHookEx
SetFocus
keybd_event
SetWindowsHookExW
SetMenuItemBitmaps
UnhookWindowsHookEx
GetCapture
GetMenuItemCount
WindowFromPoint
DestroyMenu
GetSysColor
CreatePopupMenu
GetMessagePos
RedrawWindow
BeginDeferWindowPos
LoadCursorW
DestroyCursor
UnregisterClassW
DestroyWindow
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
OffsetRect
EndDeferWindowPos
GetSystemMenu
RemovePropW
GetPropW
CallWindowProcW
SetPropW
SetWindowLongW
GetMenuItemID
GetMenuDefaultItem
LoadIconW
KillTimer
SetTimer
SetParent
InflateRect
ClientToScreen
GetParent
SetMenuDefaultItem
LoadMenuW
GetClassNameW
CharUpperW
GetSysColorBrush
GetDCEx
wvsprintfW
MapDialogRect
GetAsyncKeyState
ValidateRect
ShowOwnedPopups
GrayStringW
DrawTextW
TabbedTextOutW
ScreenToClient
LoadBitmapW
UpdateWindow
GetFocus
SetCapture
ReleaseCapture
SetActiveWindow
SetForegroundWindow
SendMessageW
GetSubMenu
AppendMenuW
InvalidateRect
IsWindowVisible
GetWindowRect
GetCursorPos
PtInRect
GetKeyState
DeleteMenu
PostMessageW
CheckMenuRadioItem
EnableWindow
GetClientRect
PostQuitMessage
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
GetDesktopWindow
TranslateAcceleratorW
LoadAcceleratorsW
LoadStringW
EndDialog
GetActiveWindow
CreateDialogIndirectParamW
GetMenuCheckMarkDimensions
GetMenuState
SetCursor
ModifyMenuW
GetWindowTextA
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
IsWindow
GetWindowLongW
EnableMenuItem
TrackPopupMenuEx
GetNextDlgTabItem
CopyRect
GetSystemMetrics

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
SetMapMode
GetDeviceCaps
CreatePen
CreateSolidBrush
CreatePatternBrush
SetRectRgn
GetTextMetricsW
EnumFontFamiliesExW
CreateRectRgn
CombineRgn
SetTextColor
SetBkMode
CreateBitmap
SetBkColor
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
RestoreDC
CreateDIBSection
DeleteDC
PatBlt
DeleteObject
SelectObject
GetBkMode
GetBkColor
GetTextExtentPoint32W
GetTextColor
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectW
GetStockObject
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
GetObjectW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegCloseKey
RegQueryValueW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW

shell32

DragQueryFileW
ShellExecuteW
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ExtractIconW
SHFileOperationW
SHGetSpecialFolderPathW
DragAcceptFiles
DragFinish

comctl32

ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_AddMasked
_TrackMouseEvent
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_EndDrag
ord17
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Create
ImageList_DrawIndirect
ImageList_Draw

shlwapi

PathFindExtensionW
PathFileExistsW
PathMakePrettyW
PathFindFileNameW
PathRemoveFileSpecW
PathRenameExtensionW
PathIsRootW
PathIsDirectoryW
PathIsURLW

winhttp

WinHttpAddRequestHeaders
WinHttpReceiveResponse
WinHttpSetOption
WinHttpQueryOption
WinHttpSendRequest
WinHttpQueryHeaders
WinHttpCrackUrl
WinHttpReadData
WinHttpCloseHandle
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoCreateGuid

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 816KB - Virtual size: 814KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e206d0c01007a997fd42e82a70adf8c2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

winhttp

ole32

oleaut32

Sections

.text Size: 816KB - Virtual size: 814KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 104KB - Virtual size: 121KB

.rsrc Size: 456KB - Virtual size: 455KB

.text
Size: 816KB - Virtual size: 814KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 104KB - Virtual size: 121KB

.rsrc
Size: 456KB - Virtual size: 455KB