2024-05-12_b8265fe7c29f578fd026dd237fb2371e_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-12_b8265fe7c29f578fd026dd237fb2371e_icedid
Size

1.2MB
MD5

b8265fe7c29f578fd026dd237fb2371e
SHA1

287ccfa6774993b103b17dec288f150851e6dab6
SHA256

4bd78b3ca2cf4a1f147bc8b21531702149ff641a41a1192d567a4aa27f8cdcc8
SHA512

f702d595a62876366587cdbb31b6550eb9066d40810a2909017e7fa8403b416dcd38dd2aa23b34f53b78d49cc1c0f739fe8c5a7cd3e8b7d2c05983f7f7565265
SSDEEP

24576:Rc4JChmVCVelTV794w7z6YxuOMoDOWRFaWNr:ymouVxXzLRO0aWNr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-12_b8265fe7c29f578fd026dd237fb2371e_icedid

Files

2024-05-12_b8265fe7c29f578fd026dd237fb2371e_icedid
.exe windows:4 windows x86 arch:x86

b3a1e1da9ba85c78c591b6d72fa2fec8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
SetHandleCount
GetFileType
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
LCMapStringA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
SetEnvironmentVariableA
GetACP
GetStdHandle
HeapCreate
HeapDestroy
VirtualFree
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
ExitProcess
GetStartupInfoA
GetProcessHeap
GetCommandLineA
GetDateFormatA
GetTimeFormatA
CreateDirectoryA
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentDirectoryA
SetErrorMode
GetShortPathNameA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
FindResourceExA
GetThreadLocale
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetFileTime
GetFileSize
GetFileAttributesA
SetFileAttributesA
CreateFileA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CloseHandle
GetCurrentProcessId
VirtualProtect
FreeResource
GetCurrentThreadId
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
FormatMessageA
RaiseException
LocalFree
GetLogicalDrives
GetDriveTypeA
GetVolumeInformationA
MoveFileA
CopyFileA
GetModuleHandleA
GetPrivateProfileStringA
ExpandEnvironmentStringsA
CreateEventA
GetCurrentProcess
WaitForSingleObject
ResetEvent
CreateThread
LocalAlloc
Beep
GlobalGetAtomNameA
WinExec
GetTempPathA
lstrcmpA
GetModuleFileNameA
CreateMutexA
SetLastError
Sleep
ReleaseMutex
MulDiv
GetTickCount
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetComputerNameA
FindFirstFileA
FindNextFileA
FindClose
GetStringTypeExA
CompareFileTime
lstrcmpiA
CompareStringW
CompareStringA
FreeLibrary
GetProcAddress
lstrlenA
LoadLibraryA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
FreeEnvironmentStringsA
InterlockedExchange

user32

DestroyWindow
SetActiveWindow
RemovePropA
GetPropA
SetPropA
CallNextHookEx
SetWindowsHookExA
IsChild
WinHelpA
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetAsyncKeyState
MapDialogRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
ValidateRect
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
ShowOwnedPopups
SetWindowRgn
IsZoomed
GetSysColorBrush
UnregisterClassA
DestroyIcon
CopyAcceleratorTableA
PostThreadMessageA
GetTabbedTextExtentA
RegisterClipboardFormatA
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
GetWindowPlacement
GetWindowTextLengthA
GetFocus
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
EndPaint
BeginPaint
GrayStringA
DrawTextExA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuStringA
SetMenuItemInfoA
IsMenu
GetMenuItemInfoA
GetDialogBaseUnits
AdjustWindowRectEx
GetActiveWindow
IntersectRect
GetClassLongA
DrawIconEx
LoadMenuA
DestroyMenu
GetMenuState
LockWindowUpdate
SetWindowLongA
GetSystemMetrics
SetParent
GetDCEx
MapWindowPoints
DeleteMenu
IsRectEmpty
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetTopWindow
SetWindowPos
GetDlgCtrlID
DrawFrameControl
FindWindowExA
WindowFromPoint
DestroyCursor
GetParent
LoadImageA
GetSysColor
RemoveMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CheckMenuItem
CreateMenu
GetKeyState
LoadBitmapA
DrawTextA
SetClipboardData
RegisterWindowMessageA
GetSystemMenu
EmptyClipboard
CloseClipboard
GetCursor
keybd_event
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
LoadCursorA
GetForegroundWindow
OpenClipboard
GetLastActivePopup
KillTimer
SetTimer
RedrawWindow
IsIconic
SetMenu
GetMenu
InsertMenuA
EnableMenuItem
WindowFromDC
GetWindow
FindWindowA
LoadStringA
EnumWindows
GetMessageA
TranslateMessage
ClipCursor
ShowCursor
PostQuitMessage
ScreenToClient
ChildWindowFromPointEx
GetWindowDC
GetWindowTextA
ClientToScreen
EqualRect
UnionRect
SetCursorPos
PeekMessageA
DispatchMessageA
SystemParametersInfoA
GetDesktopWindow
GetCursorPos
CreatePopupMenu
AppendMenuA
ReleaseCapture
SetCursor
DrawEdge
IsWindow
SetCapture
OffsetRect
SetRect
UpdateWindow
PostMessageA
PtInRect
DrawFocusRect
InflateRect
EnableWindow
FillRect
SetRectEmpty
EnumChildWindows
IsWindowVisible
GetWindowLongA
GetClassNameA
MessageBoxA
GetScrollInfo
wsprintfA
CharUpperA
GetDC
ReleaseDC
LoadIconA
InvalidateRect
GetClientRect
GetWindowRect
BringWindowToTop
SendMessageA
DrawIcon
CopyRect
GetCapture

gdi32

CreateBitmap
StretchBlt
CreatePatternBrush
CreateDIBitmap
SaveDC
RestoreDC
SetBkColor
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
CreateRectRgnIndirect
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
StartDocA
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetTextExtentPointA
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
GetDCOrgEx
GetBkColor
SetRectRgn
DPtoLP
CreateEllipticRgn
LPtoDP
GetViewportOrgEx
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
EnumFontFamiliesExA
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
Arc
GetNearestPaletteIndex
RectInRegion
GetStockObject
GetCharWidthA
GetTextMetricsA
OffsetRgn
SetBkMode
StretchDIBits
GetTextExtentPoint32A
GetPixel
GetTextColor
CreateFontA
SetPixel
Ellipse
Polyline
CreateDCA
GetSystemPaletteEntries
GetClipBox
ExtTextOutA
PatBlt
CreateHatchBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
SetWindowOrgEx
CreateFontIndirectA
GetNearestColor
CreateSolidBrush
CreatePen
BitBlt
RealizePalette
SelectPalette
DeleteObject
GetDeviceCaps
RoundRect
Rectangle
GetObjectA
CreateRectRgn

comdlg32

GetFileTitleA

advapi32

RegQueryValueA
RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegSetValueA
RegCloseKey
GetUserNameA
RegFlushKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA
StartServiceA
ControlService
DeleteService
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegCreateKeyA

shell32

ExtractIconA
ShellExecuteA
DragAcceptFiles
Shell_NotifyIconA
DragFinish
DragQueryFileA
SHGetFileInfoA

shlwapi

PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

winmm

PlaySoundA

Exports

Exports

gbIstGK
gbIstRegistriert
gszLastSettings

Sections

.text
Size: 804KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3a1e1da9ba85c78c591b6d72fa2fec8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

shlwapi

winmm

Exports

Exports

Sections

.text Size: 804KB - Virtual size: 800KB

.rdata Size: 228KB - Virtual size: 224KB

.data Size: 28KB - Virtual size: 74KB

.rsrc Size: 152KB - Virtual size: 151KB

.text
Size: 804KB - Virtual size: 800KB

.rdata
Size: 228KB - Virtual size: 224KB

.data
Size: 28KB - Virtual size: 74KB

.rsrc
Size: 152KB - Virtual size: 151KB