2024-04-26_a82c864ccbbb06249d83a1808995889b_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-26_a82c864ccbbb06249d83a1808995889b_icedid
Size

980KB
MD5

a82c864ccbbb06249d83a1808995889b
SHA1

4ca982823cfd215439a1e661cc7c7b869dbc7bab
SHA256

5486e35b9b209d526c5667f4af813ba500e4e1ab8c226e1e77877feea234d373
SHA512

550c5e52540e1d99fe364a72183e25e602f49b96db12f37642a73d1c72093547e08f1558ecd7e4cdbd1890babaa88d270800996ffd566ebb2f0a4c7afe77b3e9
SSDEEP

24576:D55lFmcEY7qpkn3gr3WbI3ivJm1C92n92a:nM1ivJm1AK2a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-26_a82c864ccbbb06249d83a1808995889b_icedid

Files

2024-04-26_a82c864ccbbb06249d83a1808995889b_icedid
.exe windows:4 windows x86 arch:x86

1526caa774884293632b794527ccf015

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
LCMapStringW
GetCPInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
IsBadWritePtr
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
IsBadCodePtr
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
InterlockedExchange
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime
RtlUnwind
GetStartupInfoW
GetTickCount
FileTimeToLocalFileTime
SetErrorMode
GetFileTime
GetFileAttributesW
FileTimeToSystemTime
WritePrivateProfileStringW
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CreateFileW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
DeleteFileW
MoveFileW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CloseHandle
SetLastError
FormatMessageW
LocalFree
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
FreeResource
GetCurrentThreadId
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
GetVersion
GlobalGetAtomNameW
GlobalAddAtomW
lstrcpynW
lstrcatW
InterlockedDecrement
GetTempPathW
GetTempFileNameW
CopyFileW
lstrlenA
lstrlenW
Sleep
MulDiv
GlobalFree
LoadLibraryW
GetProcAddress
FreeLibrary
DeleteFileA
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
IsBadStringPtrA
IsBadReadPtr
lstrcpyW
WideCharToMultiByte
FindFirstFileW
FindNextFileW
FindClose
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetModuleFileNameW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
QueryPerformanceCounter

user32

CharUpperW
SetTimer
SetParent
DeleteMenu
IsZoomed
SystemParametersInfoW
GetMenuItemInfoW
InflateRect
EndPaint
BeginPaint
GrayStringW
DrawTextExW
TabbedTextOutW
GetMessageW
TranslateMessage
ValidateRect
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemInt
GetDlgItemTextW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetScrollRange
SetScrollPos
GetScrollPos
DeferWindowPos
SetWindowPlacement
CallWindowProcW
SystemParametersInfoA
GetWindowPlacement
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetClassNameW
WinHelpW
SetFocus
GetFocus
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
GetCapture
LoadAcceleratorsW
SetActiveWindow
InsertMenuItemW
CreatePopupMenu
IntersectRect
OffsetRect
GetDesktopWindow
IsWindowEnabled
wsprintfW
AdjustWindowRectEx
SetWindowPos
GetWindowLongW
SetWindowLongW
IsWindow
TranslateAcceleratorW
TranslateMDISysAccel
CreateWindowExW
GetActiveWindow
DrawMenuBar
DefFrameProcW
UnhookWindowsHookEx
DrawTextW
LoadBitmapW
ClipCursor
RemoveMenu
AppendMenuW
GetSystemMetrics
GetWindow
GetSystemMenu
EnableMenuItem
RegisterWindowMessageW
MessageBeep
ReleaseCapture
SetCursor
LoadCursorW
ShowWindow
WindowFromPoint
ShowScrollBar
PeekMessageW
SetCapture
KillTimer
EnableScrollBar
GetDC
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageW
ScreenToClient
ClientToScreen
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
GetWindowRect
InvalidateRect
RegisterClipboardFormatW
LockWindowUpdate
GetDCEx
DefWindowProcW
GetClassInfoW
RegisterClassW
UnregisterClassW
GetCursorPos
IsWindowVisible
SetMenu
GetMenu
PostMessageW
MessageBoxW
LoadMenuW
ModifyMenuW
GetSubMenu
GetMenuItemID
GetMenuItemCount
SetDlgItemTextW
CopyRect
DrawFocusRect
GetSysColor
FillRect
GetSysColorBrush
GetWindowDC
ReleaseDC
EnableWindow
GetLastActivePopup
FindWindowW
UpdateWindow
BringWindowToTop
IsIconic
GetParent
LoadIconW
GetClientRect
SendMessageW
SetForegroundWindow

gdi32

ExtSelectClipRgn
CreatePatternBrush
CreateFontIndirectW
GetCharWidthW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
TextOutW
SetROP2
RoundRect
GetTextAlign
Ellipse
GetTextColor
ScaleViewportExtEx
GetClipBox
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
PtVisible
GetPixel
BitBlt
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateDCW
CreateBitmap
SetBkColor
GetBkColor
CreateSolidBrush
CreateHatchBrush
PatBlt
SetStretchBltMode
DeleteDC
DeleteObject
GetCurrentObject
GetObjectW
CreateFontW
SelectObject
StretchDIBits
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocW
StretchBlt
DPtoLP
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32W
GetWindowExtEx
GetViewportExtEx
GetViewportOrgEx
GetMapMode
GetTextMetricsW
Rectangle
CreatePen
GetStockObject
SetTextColor

comdlg32

GetFileTitleW
PrintDlgW
GetSaveFileNameW
CommDlgExtendedError
FindTextW
GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegCloseKey
RegSetValueExA
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExA

shell32

ShellExecuteW
DragFinish
DragQueryFileW
ShellExecuteExW

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocStringLen
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 664KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1526caa774884293632b794527ccf015

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 664KB - Virtual size: 662KB

.rdata Size: 112KB - Virtual size: 109KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 180KB - Virtual size: 176KB

.text
Size: 664KB - Virtual size: 662KB

.rdata
Size: 112KB - Virtual size: 109KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 180KB - Virtual size: 176KB