2024-05-04_0e807ab7eacf2082c0d111516fbca3ba_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-04_0e807ab7eacf2082c0d111516fbca3ba_icedid
Size

648KB
MD5

0e807ab7eacf2082c0d111516fbca3ba
SHA1

8fa6de8cc197d0de3b6e0a2094546620978368a1
SHA256

d3c7aa7f630948f060aeb587f75b78e29248e0dac36a0e937ab1f2666499ed60
SHA512

68735df3876848be244434ab1679e65bf0e1806850b68080f939128de69f769994c40d81c770f60f7ee91fa81caf13e2f7b82e49c0e6d75e906a465e771fe43f
SSDEEP

6144:Vh10oiUkiGKOdZ18MGLd67Pg98fi5+4g18S+NcJ6JX9IxUd6a+ZjerPCqAO+gkFG:VhpnkiGKOKBJ/PNcJ6N9IqTrKqMjsxc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-04_0e807ab7eacf2082c0d111516fbca3ba_icedid

Files

2024-05-04_0e807ab7eacf2082c0d111516fbca3ba_icedid
.exe windows:4 windows x86 arch:x86

0877386e011ebdaaa71febb9c52696ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
gethostbyname
gethostbyaddr
WSAStartup

user32

PostThreadMessageW
GetSysColorBrush
LoadCursorW
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
DestroyMenu
RegisterClipboardFormatW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxW
UpdateWindow
GetMenu
GetClassInfoW
RegisterClassW
GetDlgCtrlID
CallWindowProcW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
PostMessageW
MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
PeekMessageW
DispatchMessageW
SetWindowLongW
wsprintfW
GetSysColor
GetSystemMetrics
LoadIconW
EnableWindow
GetClientRect
GetWindowRect
GetSystemMenu
SendMessageW
AppendMenuW
DrawIcon
FindWindowW
GetForegroundWindow
SetForegroundWindow
ShowWindow
UnregisterClassW
IsIconic
AdjustWindowRectEx
DefWindowProcW
SetFocus

gdi32

GetDeviceCaps
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
GetStockObject
SelectObject
DeleteObject
DeleteDC
SetViewportExtEx
ScaleWindowExtEx
CreateSolidBrush
PtVisible
SetMapMode
RestoreDC
SaveDC
ExtTextOutW
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SetWindowExtEx

shlwapi

PathFindFileNameW
PathFindExtensionW

kernel32

GetModuleHandleA
lstrlenA
GlobalFindAtomW
InterlockedDecrement
lstrcmpiW
InterlockedIncrement
GlobalFlags
lstrcatW
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FlushFileBuffers
SetEndOfFile
SetErrorMode
GetStartupInfoW
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
SetStdHandle
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
FreeResource
GlobalAddAtomW
GlobalFree
MulDiv
GlobalUnlock
FormatMessageW
lstrcpynW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
GetVersionExA
LoadLibraryA
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetStdHandle
GetFileType
GetVersion
GetCurrentThreadId
ReadFile
HeapAlloc
HeapFree
GetCurrentThread
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileSectionW
VirtualFree
VirtualAlloc
FindFirstFileW
FindClose
LocalAlloc
LoadLibraryW
GetProcAddress
FreeLibrary
LocalFree
TerminateProcess
GetCurrentProcess
DeleteFileW
ExpandEnvironmentStringsW
SetEnvironmentVariableW
GetModuleHandleW
CreateFileW
WriteFile
SetFilePointer
lstrlenW
GetTickCount
GetModuleFileNameW
lstrcpyW
GetFileAttributesW
CreateDirectoryW
GetPrivateProfileStringW
GetLogicalDrives
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
WideCharToMultiByte
SetLastError
MultiByteToWideChar
CreateMutexW
GetLastError
ReleaseMutex
CloseHandle
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LeaveCriticalSection

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegisterEventSourceA
LookupPrivilegeValueW
OpenProcessToken
AdjustTokenPrivileges
RegQueryMultipleValuesW
RegRestoreKeyW
RegEnumValueW
RegEnumKeyExW
RegSaveKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
DeregisterEventSource
RegQueryValueExW
GetUserNameW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
ReportEventA

shell32

SHGetFolderPathW
ShellExecuteW

comctl32

ord17

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleFlushClipboard
OleUninitialize

oleaut32

VariantChangeType
VariantInit
VariantClear

Sections

.text
Size: 412KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0877386e011ebdaaa71febb9c52696ce

Headers

File Characteristics

Imports

ws2_32

user32

gdi32

shlwapi

kernel32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

Sections

.text Size: 412KB - Virtual size: 410KB

.rdata Size: 152KB - Virtual size: 148KB

.data Size: 44KB - Virtual size: 71KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 412KB - Virtual size: 410KB

.rdata
Size: 152KB - Virtual size: 148KB

.data
Size: 44KB - Virtual size: 71KB

.rsrc
Size: 36KB - Virtual size: 32KB