Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-29_4260cedaaad8f9ca64352f875fea5c92_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-29_4260cedaaad8f9ca64352f875fea5c92_icedid.exe
Resource: win10v2004-20240419-en
General
Target: 2024-04-29_4260cedaaad8f9ca64352f875fea5c92_icedid
Size: 4.0MB
MD5: 4260cedaaad8f9ca64352f875fea5c92
SHA1: e8c163a4ecadc7af4ed784abe1eb098b4f21a72a
SHA256: 9a454523d5059d1f51e6c56685a56dec07accefb3ef1351cfdb22d69821ad9b2
SHA512: b8a90485b96a94d66f1423be665af1cd18381c93df5ad80add6e5ca7c0acdb730df8973b058a9416305dc7ee22f95807c8cdbfffc7bf688c261280f723794286
SSDEEP: 49152:3U4We1mtm2p5WlBxE2k56uT2zT+0NPKoyR06NOVhM1rCZNu5hOCxh:HWewmCElBxEb6Di2IAC1rCZNu50Cxh
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-04-29_4260cedaaad8f9ca64352f875fea5c92_icedid
Files
2024-04-29_4260cedaaad8f9ca64352f875fea5c92_icedid.exe windows:5 windows x86 arch:x86
f5c30408a09c0b13c8b85825235987ad
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
recv
send
WSAGetLastError
closesocket
kernel32
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetFileSizeEx
GetFileTime
GetModuleHandleW
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
ExitProcess
GetConsoleCP
GetConsoleMode
ExitThread
CreateThread
RaiseException
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCommandLineA
GetStartupInfoA
FindNextFileA
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetACP
IsValidCodePage
CompareStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetProcessHeap
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
MoveFileA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
ResumeThread
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetCurrentProcessId
GetModuleFileNameA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryA
lstrcmpW
GetVersionExA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
QueryPerformanceFrequency
QueryPerformanceCounter
TerminateProcess
SetVolumeLabelA
GetDiskFreeSpaceA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetDriveTypeA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
GetTickCount
CreateEventA
CloseHandle
Sleep
GetCurrentDirectoryA
DeleteFileA
GetPrivateProfileStringA
FileTimeToSystemTime
WideCharToMultiByte
GetDiskFreeSpaceExA
WritePrivateProfileStringA
WaitForSingleObject
CreateProcessA
FindResourceA
LoadResource
LockResource
SizeofResource
SetEvent
CreateMutexA
GetLastError
GetSystemDirectoryA
HeapAlloc
user32
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CharNextA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
GetMessageA
GetActiveWindow
ValidateRect
SetCursor
LoadCursorA
SetTimer
IsRectEmpty
GetCursorPos
WindowFromPoint
GetWindowThreadProcessId
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
BringWindowToTop
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetSysColor
EndPaint
BeginPaint
GetDC
ClientToScreen
ScreenToClient
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CopyRect
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
TranslateAcceleratorA
InvalidateRgn
CopyAcceleratorTableA
UnregisterClassA
GetSysColorBrush
CharToOemBuffA
OemToCharBuffA
CharUpperA
DestroyMenu
GetMenuItemInfoA
InflateRect
SetWindowContextHelpId
GetWindowTextA
MapDialogRect
PostQuitMessage
ReleaseCapture
GetSystemMetrics
LoadIconA
SetCapture
KillTimer
GetClientRect
GetWindowRect
SetWindowRgn
IsIconic
GetSystemMenu
PostMessageA
SendMessageA
AppendMenuA
DrawIcon
SetRect
PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
FindWindowA
GetWindowDC
ReleaseDC
EnableWindow
InvalidateRect
LoadBitmapA
IsWindowVisible
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
GetStockObject
OffsetViewportOrgEx
SelectObject
CreateEllipticRgn
LPtoDP
Ellipse
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
GetMapMode
GetRgnBox
GetBkColor
GetTextColor
SetViewportOrgEx
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateCompatibleBitmap
CreateSolidBrush
CreateFontA
CreatePatternBrush
CreateRectRgn
CombineRgn
DeleteObject
GetDIBits
BitBlt
CreateCompatibleDC
GetObjectA
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
shell32
ShellExecuteA
DragFinish
DragQueryFileA
comctl32
_TrackMouseEvent
shlwapi
PathFindFileNameA
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
oledlg
ord8
ole32
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoTaskMemFree
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
wininet
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetSetOptionExA
InternetQueryDataAvailable
HttpQueryInfoA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetOpenUrlA
InternetCrackUrlA
Sections
.text Size: 351KB - Virtual size: 350KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
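The two static findings above, the "Unsigned PE" signature and the section table, can be reproduced on any sample without the sandbox. The script below is an added example, not the sandbox's own code: it parses the PE headers with nothing but `struct`, reads the IMAGE_DIRECTORY_ENTRY_SECURITY data directory (index 4, where an embedded Authenticode signature lives) to decide whether the file is unsigned, and prints each section's raw and virtual size, flags and share of the file. Because the report's binary is not available offline, `build_sample_pe()` constructs a synthetic PE32 whose section names, sizes and flags are copied from the report; every other header value, the image base and the dummy certificate blob are assumptions made up for the demo.

```python
"""Added example (not part of the sandbox report): a dependency-free PE32/PE32+ header
parser reproducing two of the report's static checks. (1) "Unsigned PE": an embedded
Authenticode signature lives at the IMAGE_DIRECTORY_ENTRY_SECURITY data directory
(index 4); an empty entry is what "Checks for missing Authenticode signature" fires on.
(2) The section table: raw vs. virtual size, flags and each section's share of the file.
build_sample_pe() is a constructed PE32 with the report's section sizes/flags so the
script runs offline; every other header value and the dummy certificate are made up."""
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def parse_pe(data):
    """Return machine, file characteristics, signature presence and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # IMAGE_FILE_HEADER (20 bytes) follows the 4-byte signature.
    machine, nsections, _, _, _, opt_size, characteristics = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt_off)[0]
    if magic == 0x10B:        # PE32: data directories start 96 bytes into the optional header
        dd_off = opt_off + 96
    elif magic == 0x20B:      # PE32+: 64-bit ImageBase/stack/heap fields push them to 112
        dd_off = opt_off + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", data, dd_off - 4)[0]   # NumberOfRvaAndSizes
    sec_ptr = sec_len = 0
    if num_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory this entry holds a file offset, not an RVA.
        sec_ptr, sec_len = struct.unpack_from("<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, table = [], opt_off + opt_size
    for i in range(nsections):
        name, vsize, va, rawsize, rawptr, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "virtual_address": va, "raw_size": rawsize, "raw_ptr": rawptr,
            "flags": [n for bit, n in SECTION_FLAGS.items() if flags & bit],
            "file_share": rawsize / len(data),
        })
    return {"machine": machine, "characteristics": characteristics,
            "has_embedded_signature": sec_ptr != 0 and sec_len != 0, "sections": sections}


def build_sample_pe(signed=False):
    """Constructed PE32 mirroring the report's four sections; bodies are zero-filled.
    signed=True appends a dummy WIN_CERTIFICATE and points the security directory at it."""
    layout = [  # (name, virtual size, raw size, characteristics) as listed in the report
        (b".text", 350 * 1024, 351 * 1024, 0x60000020),    # CODE | EXECUTE | READ
        (b".rdata", 80 * 1024, 81 * 1024, 0x40000040),     # INITIALIZED_DATA | READ
        (b".data", 44 * 1024, 17 * 1024, 0xC0000040),      # INITIALIZED_DATA | READ | WRITE
        (b".rsrc", 3600 * 1024, 3600 * 1024, 0x40000040),  # INITIALIZED_DATA | READ
    ]
    hdr_size, va, raw, table = 0x200, 0x1000, 0x200, b""
    for name, vsize, rawsize, flags in layout:
        table += struct.pack("<8sIIIIIIHHI", name, vsize, va, rawsize, raw, 0, 0, 0, 0, flags)
        raw += rawsize
        va += (vsize + 0xFFF) & ~0xFFF
    # WIN_CERTIFICATE header: dwLength, wRevision=0x200, wCertificateType=PKCS_SIGNED_DATA(2)
    cert = struct.pack("<IHH", 8 + 16, 0x0200, 0x0002) + b"\0" * 16 if signed else b""
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (raw, len(cert))   # file offset of the blob
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)             # e_lfanew = 0x40
    file_hdr = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(layout), 0, 0, 0, 224, 0x0103)
    opt = struct.pack("<HBB" + "I" * 9, 0x10B, 9, 0, 351 * 1024, 0, 0, 0x1000, 0x1000,
                      0x59000, 0x400000, 0x1000, 0x200)            # PE32, linker 9.0, image base
    opt += struct.pack("<HHHHHH", 5, 1, 0, 0, 5, 1)                 # OS/image/subsystem versions
    opt += struct.pack("<IIIIHH", 0, va, hdr_size, 0, 2, 0x8000)    # SizeOfImage, GUI, TS-aware
    opt += struct.pack("<IIIIII", 0x100000, 0x1000, 0x100000, 0x1000, 0, len(dirs))
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    headers = (dos + file_hdr + opt + table).ljust(hdr_size, b"\0")
    return headers + b"\0" * (raw - hdr_size) + cert


def summarize(data):
    """Lines in the spirit of the report's Signatures/Sections blocks."""
    info = parse_pe(data)
    out = ["Unsigned PE: " + ("no" if info["has_embedded_signature"] else "YES (no Authenticode blob)")]
    for s in info["sections"]:
        note = " virtual>raw, zero-filled at load" if s["virtual_size"] > s["raw_size"] else ""
        out.append("%-7s raw %5dKB virt %5dKB %3.0f%% of file %s%s" % (
            s["name"], s["raw_size"] // 1024, s["virtual_size"] // 1024, 100 * s["file_share"],
            "|".join(f.replace("IMAGE_SCN_", "") for f in s["flags"]), note))
    return out


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    print("\n".join(summarize(blob)))
```

Run it with a path to reproduce the check on a real file, or with no arguments to see it on the constructed layout. Two caveats a practitioner should keep in mind: an empty security directory only means there is no embedded signature, since a file can still be catalog-signed on Windows, and a present blob says nothing about validity until the PKCS#7 SignedData and its certificate chain are verified (for example with `signtool verify` or `Get-AuthenticodeSignature`), so "signature blob present" is not "trusted". On the layout from this report the summary also makes two things visible that the raw listing does not: `.data` has a virtual size (44KB) larger than its raw size (17KB), so the loader zero-fills the difference, and `.rsrc` accounts for roughly 89% of the file, which is where the bulk of a 4.0MB binary with a 351KB code section actually lives.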