Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-24_c31e6d93e686dffd35c005a82ae71d2c_icedid.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 2024-04-24_c31e6d93e686dffd35c005a82ae71d2c_icedid.exe
  Resource: win10v2004-20240412-en
General
  Target: 2024-04-24_c31e6d93e686dffd35c005a82ae71d2c_icedid
  Size: 6.6MB
  MD5: c31e6d93e686dffd35c005a82ae71d2c
  SHA1: 79a901d9de5c93f614f4cc115a72cb35561d2b6a
  SHA256: 1a0eeacdc9f65051483ae854d44a102fb95686ade236c1e8c5a39f867d15a84b
  SHA512: 6efe6b55bd6e74e891abbb58de8f3105e8befc251fe4c767bf4e3578de32dbe152e5b5c14f421b8128fe10f740b513b0d863a724f72ca11b1a0e6c941e44f2ec
  SSDEEP: 98304:J/rJo4MH0cE+krR3OeMpIfEHWQfDnEBXn20TsYkCxyP7/u5ath6mIn:J/rm4jQPpwEHbfDnwnfTVkCM7//v6t
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource: 2024-04-24_c31e6d93e686dffd35c005a82ae71d2c_icedid
Files
  2024-04-24_c31e6d93e686dffd35c005a82ae71d2c_icedid.exe  windows:4 windows x86 arch:x86
  b45a73da7be30319e89bd9efd1bba916
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
hid
HidD_GetPreparsedData
HidP_GetCaps
HidD_SetNumInputBuffers
HidD_FreePreparsedData
HidD_GetAttributes
HidD_GetHidGuid
HidD_GetSerialNumberString
HidD_GetManufacturerString
HidD_GetProductString
kernel32
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
RaiseException
GetTimeZoneInformation
GetSystemTime
GetACP
ExitThread
SetStdHandle
GetFileType
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocalTime
GetLastError
GetCurrentDirectoryA
GetProfileStringA
CopyFileA
ClearCommError
PurgeComm
EscapeCommFunction
CloseHandle
Sleep
CreateFileA
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
WriteFile
GetTickCount
ReadFile
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
InterlockedDecrement
DeleteFileA
InterlockedIncrement
GetTempPathA
ResumeThread
TerminateThread
WaitForSingleObject
MultiByteToWideChar
lstrcpynA
CreateDirectoryA
GetModuleFileNameA
WaitForMultipleObjects
CreateEventA
TerminateProcess
GetExitCodeProcess
LockResource
LoadResource
SizeofResource
FindResourceA
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
InitializeCriticalSection
GetProfileIntA
GlobalAlloc
GetCurrentThread
SuspendThread
SetThreadPriority
FindNextFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
SetLastError
GetFileTime
GetFileSize
GetFileAttributesA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcmpA
GetVersion
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalFree
WideCharToMultiByte
GetCurrentThreadId
CreateThread
FreeLibrary
LoadLibraryA
GetProcAddress
MulDiv
GlobalSize
GlobalLock
GlobalUnlock
GlobalReAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CancelIo
GetOverlappedResult
GetVersionExA
ResetEvent
SetEvent
user32
SetParent
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
LoadStringA
SetRectEmpty
CharNextA
DestroyMenu
ValidateRect
EndPaint
BeginPaint
GetWindowDC
CharUpperA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
SetScrollInfo
ShowScrollBar
GetScrollPos
GetTopWindow
MessageBoxA
IsChild
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetMessageA
DispatchMessageA
TranslateMessage
GetWindowLongA
RegisterClassA
CreateWindowExA
SetWindowLongA
DestroyWindow
PostThreadMessageA
IsRectEmpty
GetDoubleClickTime
GetCapture
ClipCursor
PtInRect
InvertRect
PostMessageA
IsClipboardFormatAvailable
EnableWindow
SendMessageA
RedrawWindow
wsprintfA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
IsWindow
GetWindowRect
GrayStringA
TabbedTextOutA
IntersectRect
GetClassInfoA
DefWindowProcA
SetRect
FillRect
FrameRect
DrawEdge
InflateRect
DrawTextA
GetDC
ReleaseDC
SystemParametersInfoA
LoadCursorA
GetClassNameA
GetNextDlgGroupItem
GetDCEx
CopyAcceleratorTableA
MessageBeep
ReleaseCapture
SetCapture
SetCursor
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
GetScrollInfo
LockWindowUpdate
GetSysColor
DrawFrameControl
CopyRect
CopyImage
GetSysColorBrush
UpdateWindow
InvalidateRect
GetClientRect
LoadBitmapA
GetWindow
SetTimer
GetDlgCtrlID
GetFocus
GetMenu
KillTimer
TranslateAcceleratorA
GetSubMenu
GetMenuItemID
GetMenuItemCount
OffsetRect
SetWindowPos
GetParent
IsWindowVisible
DeleteMenu
ModifyMenuA
LoadAcceleratorsA
LoadMenuA
GetMessagePos
ClientToScreen
AppendMenuA
CreatePopupMenu
GetKeyState
ScreenToClient
LoadImageA
SetForegroundWindow
LoadIconA
GetCursorPos
RegisterDeviceNotificationA
UnregisterDeviceNotification
DestroyIcon
DrawIconEx
DrawStateA
GetDesktopWindow
WindowFromPoint
gdi32
CreateFontA
PatBlt
GetTextMetricsA
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
MoveToEx
LineTo
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
CreateRectRgnIndirect
GetTextColor
StretchDIBits
GetCharWidthA
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
CopyMetaFileA
LPtoDP
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
GetBkColor
BitBlt
GetDeviceCaps
GetCurrentObject
CreateFontIndirectA
CreatePen
CreateSolidBrush
Rectangle
DeleteObject
GetTextExtentPointA
IntersectClipRect
GetTextExtentPoint32A
CreateDIBitmap
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
shell32
Shell_NotifyIconA
ShellExecuteExA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
comctl32
ImageList_AddMasked
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_GetImageInfo
ord17
oledlg
ord8
ole32
OleUninitialize
OleInitialize
CLSIDFromString
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
CoCreateInstance
OleRun
ReleaseStgMedium
CoTaskMemFree
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleDuplicateData
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
CreateStreamOnHGlobal
CLSIDFromProgID
olepro32
ord253
oleaut32
VariantCopy
VariantInit
SysFreeString
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
GetErrorInfo
VariantClear
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
wsock32
WSACleanup
listen
accept
inet_addr
htons
bind
recvfrom
sendto
WSAGetLastError
connect
getpeername
ntohs
setsockopt
closesocket
WSAStartup
socket
ioctlsocket
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 232KB - Virtual size: 231KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 120KB - Virtual size: 469KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ