2024-04-24_6787f342ab5fe331e92d7b19eef9f226_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-24_6787f342ab5fe331e92d7b19eef9f226_icedid
Size

2.1MB
MD5

6787f342ab5fe331e92d7b19eef9f226
SHA1

41b2935c0ff59a6d2ad5996ade55dbc4ca5c5ea2
SHA256

18710d85dc492c4b920aa1bbcce18d78ca11c80aa5e8ed4e770250d6eaa7c5c7
SHA512

db4708cb679c75e6ed069dfcd4f9e523f299fa62573141b374015aca3baf7782fc7172e5c8dbebb8766178e3f3a6245e7dea6f5ef70a7b2b288cb406d7b2a75e
SSDEEP

49152:TdYRjbiPw2b80cpvLPvSJd6KVJj/lGoVAL/yDfgL/jZWHQmGdZ2+2Xe:ajbiPuNTPvSJd6Ij/lGoVALGgrtWwmnO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-24_6787f342ab5fe331e92d7b19eef9f226_icedid

Files

2024-04-24_6787f342ab5fe331e92d7b19eef9f226_icedid
.exe windows:5 windows x86 arch:x86

48125038859dbff1a2ca0f148f718a3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

kernel32

GetUserDefaultLCID
WriteConsoleA
SetEnvironmentVariableA
GetLocaleInfoW
IsValidLocale
GetProcessHeap
GetConsoleOutputCP
EnumSystemLocalesA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
CompareStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
SetHandleCount
GetConsoleMode
GetConsoleCP
VirtualFree
HeapCreate
GetStdHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetACP
GetFileType
SetStdHandle
ExitProcess
CreateThread
ExitThread
HeapSize
HeapReAlloc
VirtualQuery
VirtualAlloc
RtlUnwind
HeapAlloc
GetStartupInfoA
GetCommandLineA
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RemoveDirectoryA
GetSystemTimeAsFileTime
GetProfileIntA
GetTickCount
GetFileSizeEx
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetSystemDirectoryW
LoadLibraryW
SetFilePointer
GetFullPathNameA
GetFileTime
GetFileAttributesA
FindResourceExA
GetOEMCP
GetCPInfo
GetLocaleInfoA
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalFlags
FileTimeToSystemTime
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
InterlockedIncrement
GetModuleHandleW
lstrcpyA
lstrcmpA
GetCurrentProcessId
VirtualProtect
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
GlobalFree
CopyFileA
GlobalSize
FormatMessageA
lstrlenW
MulDiv
lstrlenA
RaiseException
InterlockedExchange
LocalFree
LocalAlloc
MultiByteToWideChar
lstrcpynA
SetLastError
WritePrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalUnlock
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
GetModuleFileNameA
GetSystemInfo
FreeLibrary
GetModuleHandleA
FreeResource
GetLastError
CreateDirectoryA
GetTempFileNameA
GetLongPathNameA
GetTempPathA
SearchPathA
DeleteFileA
SetCurrentDirectoryA
CloseHandle
WriteFile
CreateFileA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
WriteConsoleW

user32

DestroyMenu
GetMenuItemInfoA
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
TabbedTextOutA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
MapVirtualKeyA
GetKeyNameTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
CheckMenuItem
GetActiveWindow
MapDialogRect
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
GetClassInfoExA
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetMenu
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetWindowTextLengthA
SetFocus
IsWindowEnabled
MoveWindow
GetDlgCtrlID
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
GetWindow
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
IsRectEmpty
FrameRect
BringWindowToTop
IsWindow
RegisterWindowMessageA
RedrawWindow
LockWindowUpdate
ShowScrollBar
SetForegroundWindow
ReleaseDC
GetDC
SubtractRect
DrawIcon
PtInRect
GetFocus
DrawFrameControl
InflateRect
GetClassInfoA
GetScrollPos
SetScrollPos
RegisterClassA
GetWindowRgn
DeferWindowPos
EqualRect
EndDeferWindowPos
BeginDeferWindowPos
GetClassNameA
CallWindowProcA
RemovePropA
GetPropA
GetWindowLongA
SetPropA
SetWindowRgn
IsZoomed
IsMenu
AdjustWindowRectEx
EnableMenuItem
GetSubMenu
LoadMenuA
SetCapture
ClientToScreen
ReleaseCapture
KillTimer
SetTimer
SetScrollRange
GetScrollRange
DrawFocusRect
FillRect
UpdateWindow
InvalidateRect
DrawTextA
CopyRect
SendMessageA
GetParent
PostMessageA
GetDlgItem
EnableWindow
OpenClipboard
MapVirtualKeyExA
IsCharLowerA
GetIconInfo
EmptyClipboard
SetClipboardData
GetSysColor
UnionRect
CreatePopupMenu
AppendMenuA
GetCursorPos
CloseClipboard
GetWindowTextA
ShowWindow
SetWindowPos
DispatchMessageA
TranslateMessage
PeekMessageA
LoadStringA
SetRect
SetWindowLongA
CreateWindowExA
RegisterClassExA
GetSystemMetrics
LoadIconA
DestroyWindow
GetClientRect
SetRectEmpty
GetSysColorBrush
ValidateRect
GetMessageA
PostQuitMessage
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
EnumDisplaySettingsA
SetMenu
LoadCursorA
SetCursor
SetWindowTextA
MessageBoxA
GetAsyncKeyState
LoadImageA
GetWindowRect
IsWindowVisible
DefWindowProcA
ScreenToClient
GetNextDlgGroupItem
DestroyCursor
SystemParametersInfoA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
CopyImage
GetMenuDefaultItem
GetUpdateRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageA
CreateMenu
UpdateLayeredWindow
EnableScrollBar
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ShowOwnedPopups
DestroyIcon
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawEdge
DrawIconEx
DrawStateA
CharUpperA
MessageBeep
GetSystemMenu
DeleteMenu
SetClassLongA
NotifyWinEvent
WindowFromPoint
DestroyAcceleratorTable
GetDesktopWindow
SetParent

gdi32

SetPolyFillMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
SetBkMode
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesA
GetTextCharsetInfo
EnumFontFamiliesExA
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateDIBSection
Polyline
Polygon
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextFaceA
SetPixelV
RestoreDC
SaveDC
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileA
GetDeviceCaps
BitBlt
CreateCompatibleDC
GetBkColor
GetCurrentObject
GetTextMetricsA
SelectObject
Rectangle
GetStockObject
OffsetRgn
DPtoLP
CombineRgn
SetRectRgn
CreateRectRgn
CreateFontIndirectA
GetObjectA
GetViewportExtEx
GetTextExtentPoint32A
CreateRectRgnIndirect
CreateHatchBrush
DeleteObject

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

shell32

SHFileOperationA
DragFinish
DragQueryFileA
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHAppBarMessage

comctl32

ord17
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveFileSpecW

winmm

PlaySoundA

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoInitializeEx
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleCreateMenuDescriptor

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48125038859dbff1a2ca0f148f718a3c

Headers

DLL Characteristics

File Characteristics

Imports

dinput8

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

winmm

ole32

oleaut32

gdiplus

imm32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 375KB - Virtual size: 374KB

.data Size: 27KB - Virtual size: 64KB

.rsrc Size: 70KB - Virtual size: 69KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 375KB - Virtual size: 374KB

.data
Size: 27KB - Virtual size: 64KB

.rsrc
Size: 70KB - Virtual size: 69KB