Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-03_db4a342019f6a6560a15cc7ceb49d32b_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-03_db4a342019f6a6560a15cc7ceb49d32b_icedid.exe
  Resource: win10v2004-20240419-en
General
Target: 2024-05-03_db4a342019f6a6560a15cc7ceb49d32b_icedid
Size: 2.1MB
MD5: db4a342019f6a6560a15cc7ceb49d32b
SHA1: 2fd90088592b9ff7a1fa40e5d999ceddd9c0cf5d
SHA256: 067b9b4f3d85e1ec6b3e098976347c77430138c01c0b3a4063b2892d99e66eb4
SHA512: 086acd15c0a0f593cd3f76c0f84311498894da1dbb043f4029319301fd77f3f3a58915c7e19b04f9a4bd0b6e074529cc1d8d9bbdcf0f4511fca51de93269c15d
SSDEEP: 49152:yikiQOK/ucPFo+2dLQ+9ZTlybzaRerX8:UJOKHPFX21Q+9ZTw6
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-05-03_db4a342019f6a6560a15cc7ceb49d32b_icedid
Files
2024-05-03_db4a342019f6a6560a15cc7ceb49d32b_icedid.exe (windows:4 windows x86 arch:x86)
  a61b164e52a02d9fb3fdb2fcfbba871e
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
sense3
RefreshDeviceList
SENSE3
kernel32
HeapReAlloc
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FindNextFileA
CreateFileA
DeviceIoControl
GetVersionExA
CloseHandle
GetLastError
GetTickCount
Sleep
GetSystemTime
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
MultiByteToWideChar
WideCharToMultiByte
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
GetSystemTimeAsFileTime
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
GetCurrentDirectoryA
SetErrorMode
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GlobalFlags
VirtualProtect
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GetDiskFreeSpaceA
GetFileTime
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetFullPathNameA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetStringTypeExA
GlobalUnlock
GlobalLock
GlobalFree
FormatMessageA
SetEnvironmentVariableA
GetDefaultCommConfigA
GlobalSize
GlobalAlloc
GlobalReAlloc
GetPrivateProfileStringA
WritePrivateProfileStringA
DeleteFileA
GetProcAddress
FreeLibrary
MoveFileA
DeleteCriticalSection
RaiseException
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpW
GetModuleHandleA
SetLastError
MulDiv
LocalFree
lstrcpynA
FreeResource
GetCurrentProcess
GetPriorityClass
GetCurrentThread
GetThreadPriority
SetPriorityClass
SetThreadPriority
GlobalFindAtomA
ReadFile
GetVolumeInformationA
GetCommProperties
InitializeCriticalSection
EnterCriticalSection
SetDefaultCommConfigA
GetCommMask
PurgeComm
LeaveCriticalSection
CommConfigDialogA
CreateEventA
WaitForSingleObject
WriteFile
GetModuleFileNameA
WinExec
GlobalAddAtomA
FindAtomA
GlobalDeleteAtom
GetTempPathA
GetTempFileNameA
GetConsoleCP
ExitProcess
GlobalHandle
GetPrivateProfileIntA
GetSystemDefaultLangID
FindResourceA
LoadResource
LockResource
SizeofResource
GetPrivateProfileSectionA
GetCommTimeouts
SetCommTimeouts
GetCommState
SetCommState
GetWindowsDirectoryA
lstrcatA
OpenFile
lstrcpyA
LoadLibraryA
user32
GetTabbedTextExtentA
PostThreadMessageA
CreateMenu
CopyAcceleratorTableA
DestroyIcon
SetWindowRgn
DrawIcon
LockWindowUpdate
GetDCEx
GetSysColorBrush
ShowOwnedPopups
PostQuitMessage
GetSystemMenu
DeleteMenu
IsRectEmpty
SetParent
IsZoomed
SetCursorPos
WaitMessage
GetWindowThreadProcessId
RedrawWindow
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
CreatePopupMenu
TranslateAcceleratorA
ValidateRect
SetRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsChild
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
ScrollWindow
TrackPopupMenu
ShowScrollBar
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
EndPaint
BeginPaint
GrayStringA
DrawTextExA
TabbedTextOutA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetWindowTextLengthA
GetWindowTextA
SetFocus
MoveWindow
GetDlgCtrlID
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetLastActivePopup
IsIconic
SetForegroundWindow
ShowWindow
SetActiveWindow
DrawTextA
SetRectEmpty
GetSysColor
SetTimer
GetCursor
GetAsyncKeyState
GetFocus
GetClassLongA
IntersectRect
GetKeyboardLayout
WindowFromPoint
BringWindowToTop
FindWindowA
GetCursorPos
FillRect
KillTimer
ScreenToClient
SetMenu
GetMenuState
CheckMenuItem
keybd_event
ShowCursor
RegisterClipboardFormatA
IsWindow
GetMenu
GetMenuItemInfoA
InsertMenuItemA
GetSubMenu
GetMenuStringA
EnableMenuItem
DestroyCursor
MessageBoxA
GetWindowDC
GetSystemMetrics
SetClassLongA
ReleaseCapture
PeekMessageA
GetScrollPos
LoadCursorA
SetCursor
SetCapture
ClientToScreen
LoadBitmapA
wsprintfA
TranslateMessage
DispatchMessageA
GetMessageA
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetWindow
SetWindowTextA
LoadStringA
GetKeyState
GetWindowLongA
SetWindowLongA
GetParent
IsWindowVisible
InvalidateRect
UpdateWindow
GetClientRect
PostMessageA
SendMessageA
CopyRect
InflateRect
EnableWindow
MessageBeep
PtInRect
GetDC
ReleaseDC
SetScrollRange
GetScrollRange
SetScrollPos
GetWindowRect
CharUpperA
SetWindowPos
gdi32
SetStretchBltMode
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
SetPolyFillMode
CreateSolidBrush
StretchDIBits
GetCharWidthA
CreateFontA
GetBkColor
CreateRectRgnIndirect
PatBlt
GetTextMetricsA
CreateCompatibleDC
GetViewportOrgEx
DPtoLP
SetAbortProc
AbortDoc
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetWindowOrgEx
RestoreDC
SaveDC
CreateDCA
GetTextExtentPoint32A
SetBkColor
StartDocA
StartPage
EndPage
EndDoc
StrokeAndFillPath
PolyBezierTo
StrokePath
StretchBlt
BeginPath
CreateRectRgn
CreateCompatibleBitmap
PolyBezier
SetTextColor
SetBkMode
TextOutA
CloseFigure
EndPath
SelectClipPath
BitBlt
RoundRect
Ellipse
GetDeviceCaps
CreateDIBitmap
DeleteDC
EnumFontFamiliesExA
GetGlyphOutlineA
CreateFontIndirectA
Polygon
GetObjectA
CreateBitmap
SelectClipRgn
GetDIBits
Rectangle
DeleteObject
LineTo
CreateBrushIndirect
CreatePen
GetStockObject
SetROP2
SelectObject
MoveToEx
GetPixel
comdlg32
CommDlgExtendedError
PrintDlgA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
ChooseColorA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
GetJobA
advapi32
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles
comctl32
_TrackMouseEvent
ImageList_SetBkColor
ord17
ImageList_GetImageCount
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_DrawIndirect
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
ole32
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
oleaut32
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
Sections
.text   Size: 840KB - Virtual size: 837KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata  Size: 144KB - Virtual size: 141KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 12KB - Virtual size: 32KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.1MB - Virtual size: 1.1MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ