2024-04-24_6c9e7bd20704b12ec24e8da5621cc7d3_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-24_6c9e7bd20704b12ec24e8da5621cc7d3_icedid
Size

776KB
MD5

6c9e7bd20704b12ec24e8da5621cc7d3
SHA1

da727dc0fdf8501dc66a89add206f44bce447a02
SHA256

f6c74d70f5971573470b2ea0f2847475ea724d1b65feb5c7f0f7d9dcbacd5b31
SHA512

80b7a9cfc100803d36b99d5f99564757f640d84fa4998c2931a8ab09e5d41727e24b28e33a86c21184f601eabcf245c73c94c281110b876ffd7eb859ba9b85de
SSDEEP

12288:B+HXAZOO4GEExHmzElsCkSWhTe2LpOX+eZ4lQbLCOAj:A3AZOzcmzElsdLtpo+eZ4Lnj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-24_6c9e7bd20704b12ec24e8da5621cc7d3_icedid

Files

2024-04-24_6c9e7bd20704b12ec24e8da5621cc7d3_icedid
.exe windows:4 windows x86 arch:x86

90d11206106cb9c8c6a3f954cc7f0df2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mil

ord102
ord142
ord123
ord145
ord132
ord125
ord103
ord143
ord114
ord109
ord141
ord147
ord274
ord138
ord273
ord101
ord100
ord275

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod
timeGetDevCaps

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

kernel32

TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GlobalFlags
GetCPInfo
GetOEMCP
GetThreadLocale
WritePrivateProfileStringA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
LeaveCriticalSection
CreateFileA
SetErrorMode
HeapReAlloc
VirtualAlloc
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
GetCommandLineA
GetStartupInfoA
ExitThread
CreateThread
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileW
LocalAlloc
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
SuspendThread
ReleaseSemaphore
CreateSemaphoreA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
SetLastError
DeleteFileA
FindFirstFileA
FindClose
GetFullPathNameW
GetTempPathA
GetTempFileNameA
DeleteFileW
GetModuleHandleA
GetProcAddress
GetSystemInfo
GetCurrentProcessId
GetModuleFileNameA
lstrcpyA
CreateEventA
GetCurrentProcess
GetCurrentThread
SetPriorityClass
SetThreadPriority
WaitForMultipleObjects
ResetEvent
GetLocaleInfoW
Sleep
GetCurrentThreadId
FormatMessageA
LocalFree
GetFullPathNameA
ExpandEnvironmentStringsW
ReleaseMutex
CloseHandle
SetEvent
CreateMutexA
OpenMutexA
WaitForSingleObject
GetProcessHeap
HeapAlloc
HeapFree
ResumeThread
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange

user32

GetSysColorBrush
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
GetWindowThreadProcessId
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
GetParent
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SystemParametersInfoA
DestroyMenu
CopyRect
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnregisterClassA
GetLastActivePopup
LoadCursorA
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSystemMetrics
AdjustWindowRect
EnableWindow
LoadIconA
SetTimer
RedrawWindow
GetSystemMenu
PostMessageA
SendMessageA
AppendMenuA
GetClassInfoA

gdi32

SetMapMode
GetClipBox
ScaleWindowExtEx
DeleteDC
CreateBitmap
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
GetPixel
GetTextColor
GetBkColor
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
StretchDIBits
CreatePen
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetObjectA
DeleteObject
MoveToEx
LineTo
SetWindowExtEx

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
FreeSid

shell32

SHGetFolderPathW
Shell_NotifyIconA

shlwapi

PathFindFileNameA
PathRemoveFileSpecA
PathFindExtensionA
PathFileExistsA

oleaut32

VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
VariantClear
VariantChangeType

imagehlp

MakeSureDirectoryPathExists

Sections

.text
Size: 616KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90d11206106cb9c8c6a3f954cc7f0df2

Headers

File Characteristics

Imports

mil

winmm

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

imagehlp

Sections

.text Size: 616KB - Virtual size: 615KB

.rdata Size: 124KB - Virtual size: 122KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 616KB - Virtual size: 615KB

.rdata
Size: 124KB - Virtual size: 122KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 16KB - Virtual size: 15KB