2024-04-30_74f926758b057f2dd080ff6f3cddbf3f_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-30_74f926758b057f2dd080ff6f3cddbf3f_icedid
Size

748KB
MD5

74f926758b057f2dd080ff6f3cddbf3f
SHA1

cdf650039788eccb227b2ef31799eba3a3ed3fc4
SHA256

4b614b85a48d9298d3418b820c83a353c48a00f9cd4de04da164d88a2c7810be
SHA512

ce6cbb00958cea1bef7b64e880605961859cc6a1d5a48e1daa63446cd3694e17f6e6e5a57ce07fee7f02ab172583d7860f10ce3445f470060b25d4a53a62efa7
SSDEEP

12288:8Lnp3tSrxI3N4fspRPknlnvnprkuAclZzi5:8LpdJNSEPgnvnGQZ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-30_74f926758b057f2dd080ff6f3cddbf3f_icedid

Files

2024-04-30_74f926758b057f2dd080ff6f3cddbf3f_icedid
.exe windows:4 windows x86 arch:x86

7b1685cacde1e53ec878c1e79fad7a57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

kernel32

WritePrivateProfileStringA
SetErrorMode
FileTimeToLocalFileTime
GetFileTime
FindResourceExA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
HeapSize
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetFileAttributesA
IsDBCSLeadByte
GetModuleFileNameA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedExchange
GetLastError
GetVersion
lstrlenW
CompareStringA
CompareStringW
lstrcmpiA
lstrlenA
GetVersionExA
GetModuleHandleA
SetLastError
FileTimeToSystemTime
Sleep
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
VirtualProtect
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
WaitForSingleObject
CloseHandle
GetThreadLocale
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleFileNameW
FormatMessageA
MulDiv
LocalFree
LocalAlloc
GetCurrentProcessId
LoadLibraryExA
GetTickCount
DeleteCriticalSection
RaiseException
InitializeCriticalSection

user32

GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
EndPaint
LoadBitmapA
SetWindowRgn
GetClientRect
InvalidateRect
EnableWindow
CopyRect
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
ReleaseCapture
SetCapture
InvalidateRgn
CopyAcceleratorTableA
DestroyMenu
GetMenuItemCount
GetSubMenu
UnregisterClassA
LoadCursorA
GetSysColorBrush
GetAsyncKeyState
SetWindowContextHelpId
GetWindowRect
GetParent
SendMessageA
GetSystemMetrics
DrawFocusRect
GetSysColor
LoadImageA
GetDlgItem
IsWindow
PostQuitMessage
PeekMessageA
GetKeyState
MessageBoxA
SetRectEmpty
InflateRect
MapDialogRect
SetFocus
GetFocus
IsWindowEnabled
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
CharUpperA
IsRectEmpty
SetRect
IntersectRect
ClientToScreen
RegisterClipboardFormatA
RegisterWindowMessageA
DispatchMessageA
CharNextA
PostMessageA
SetActiveWindow

gdi32

RestoreDC
SetMapMode
GetClipBox
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SaveDC
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetMapMode
GetRgnBox
EnumFontFamiliesExA
DeleteObject
GetDeviceCaps
CreateFontIndirectA
SetTextColor
SetBkColor
ExtTextOutA
GetTextExtentPoint32A
GetPixel
BitBlt
CreateCompatibleDC
CombineRgn
CreateRectRgn
SetViewportExtEx
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
StrToIntExA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen
LoadRegTypeLi
LoadTypeLi
GetErrorInfo
VariantInit
VarUI4FromStr
VariantChangeType
SysAllocStringByteLen
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime

Sections

.text
Size: 548KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b1685cacde1e53ec878c1e79fad7a57

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 548KB - Virtual size: 545KB

.rdata Size: 156KB - Virtual size: 154KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 548KB - Virtual size: 545KB

.rdata
Size: 156KB - Virtual size: 154KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 20KB - Virtual size: 19KB