Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-14_a67ac6e5e5e6f86f3d3e8481b7f1635b_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-14_a67ac6e5e5e6f86f3d3e8481b7f1635b_icedid.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-14_a67ac6e5e5e6f86f3d3e8481b7f1635b_icedid
Size: 3.6MB
MD5: a67ac6e5e5e6f86f3d3e8481b7f1635b (the same hash that is embedded in the sample filename)
SHA1: 7eba1b566fad24d7bb6ac0638a9b107797dbfec0
SHA256: c54681039155996438f5bc2e0afd1c6a7f521710bb0eae704c2f1d2fcb297c67
SHA512: 68799ccfca8b3c6a498add5424fb391665ea676bd8d71efc81d26eeda6fa4bff45823e4fe723d3bb1f73c07635ff8e229b1d61f1c89243d410ffd814725700ae
SSDEEP: 49152:c9t2i3C7atixjHeI695shzhKNiQ6il4ilRaj8QuGj7FBTTb:At2i3kiiFH495shtKAQ6il4iyj37
Malware Config
None listed on this report.
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-05-14_a67ac6e5e5e6f86f3d3e8481b7f1635b_icedid
This is the only signature that fired, and no configuration was extracted. The "icedid" label comes from the filename; nothing else on this page corroborates the family, so treat it as a classifier tag rather than a finding.
Files
2024-05-14_a67ac6e5e5e6f86f3d3e8481b7f1635b_icedid.exe windows:4 windows x86 arch:x86
a23e843a500f8f4b38569db7793776df
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetCurrentDirectoryA
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetOEMCP
SetEnvironmentVariableA
GetDriveTypeA
GetLocaleInfoW
GetFileType
SetStdHandle
FindResourceA
GlobalAddAtomA
GetProfileStringA
InterlockedExchange
HeapSize
ExitThread
CreateThread
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
GetDriveTypeW
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoW
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
FindResourceExW
GetCurrentDirectoryW
FindNextFileW
GetProfileIntW
GetThreadLocale
GetStringTypeExW
GetVolumeInformationW
FindFirstFileW
FindClose
UnlockFile
LockFile
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
GlobalFlags
lstrcmpiW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetFullPathNameW
GetTempFileNameW
GetFileAttributesW
GlobalGetAtomNameW
MulDiv
SetLastError
GetModuleHandleA
LoadLibraryA
FindResourceW
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
InterlockedDecrement
InterlockedIncrement
CreateEventW
SuspendThread
SetEvent
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
CreateFileA
lstrlenA
ExitProcess
SizeofResource
LoadResource
LockResource
GlobalSize
TerminateThread
SetCurrentDirectoryW
SetFilePointer
GlobalFree
AreFileApisANSI
SetFileAttributesW
GetFileSize
CancelIo
FlushFileBuffers
WriteFile
ReadFile
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetWindowsDirectoryW
GetTickCount
GetModuleFileNameW
WritePrivateProfileStringW
GetPrivateProfileIntW
SetThreadPriority
CreateProcessW
TerminateProcess
GetExitCodeProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileStringW
GetCurrentProcess
GetTempPathW
CreateDirectoryW
GetFileAttributesExW
GetLongPathNameW
GetShortPathNameW
FormatMessageW
LocalFree
CopyFileW
MoveFileW
DeleteFileW
GlobalAlloc
Sleep
GetModuleHandleW
GlobalLock
GlobalUnlock
lstrlenW
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
ResumeThread
WaitForSingleObject
lstrcmpW
lstrcpyW
CreateMutexW
GetLastError
CreateFileW
SetUnhandledExceptionFilter
CloseHandle
user32
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemInt
GetDlgItem
CheckDlgButton
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetActiveWindow
CallNextHookEx
ValidateRect
SetWindowsHookExW
ShowOwnedPopups
PostQuitMessage
MessageBoxW
DrawAnimatedRects
AppendMenuW
SetMenu
SetClassLongW
DestroyMenu
LoadImageW
WindowFromPoint
IsChild
FindWindowW
GetMessageW
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
InsertMenuW
GetMenuStringW
ExitWindowsEx
DestroyIcon
EmptyClipboard
SetClipboardData
FindWindowExW
GetWindowTextW
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
GetClipboardData
DrawFocusRect
IsWindowEnabled
SetFocus
RegisterWindowMessageW
GetDlgCtrlID
SetWindowPos
GetMenu
GetMenuItemCount
LoadIconW
SetTimer
KillTimer
ReleaseDC
CreatePopupMenu
GetMessagePos
RedrawWindow
GetSystemMenu
GetMenuDefaultItem
RemovePropW
PostMessageW
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
CallWindowProcW
SetPropW
SetWindowLongW
GetMenuItemID
GetSysColor
TrackPopupMenuEx
GetKeyState
ReleaseCapture
SetCapture
GetCapture
SetCursor
DeleteMenu
ClientToScreen
GetFocus
SetCursorPos
OffsetRect
BeginDeferWindowPos
TrackPopupMenu
RegisterClassW
GetClassInfoW
wsprintfW
WinHelpW
GetTopWindow
SetParent
EndDeferWindowPos
GetDC
SetMenuDefaultItem
GetSystemMetrics
LoadMenuW
GetSubMenu
IsWindow
InvalidateRect
ScreenToClient
InflateRect
PtInRect
GetCursorPos
GetParent
GetWindowRect
GetClientRect
GrayStringW
DrawTextW
TabbedTextOutW
EnableWindow
CopyRect
DestroyCursor
LoadCursorW
LoadBitmapW
SetForegroundWindow
GetLastActivePopup
GetWindow
GetDesktopWindow
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
GetPropW
SendMessageW
IsIconic
IsWindowVisible
IsDialogMessageW
SetWindowTextW
GetWindowTextLengthW
MoveWindow
ShowWindow
GetWindowPlacement
SystemParametersInfoW
IntersectRect
GetForegroundWindow
GetMessageTime
DefWindowProcW
UnhookWindowsHookEx
CreateWindowExW
GetWindowLongW
DestroyWindow
LockWindowUpdate
GetDCEx
PostThreadMessageW
CharUpperW
GetSysColorBrush
GetClassNameW
LoadStringW
IsZoomed
wvsprintfW
SetRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorW
LoadAcceleratorsW
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
EndDialog
CreateDialogIndirectParamW
MapDialogRect
GetAsyncKeyState
RegisterClipboardFormatW
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
AdjustWindowRectEx
EqualRect
UpdateWindow
DeferWindowPos
gdi32
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
SetRectRgn
GetCharWidthW
CreateFontW
GetTextMetricsW
EnumFontFamiliesExW
CopyMetaFileW
CreateRectRgn
CombineRgn
SetTextColor
SetBkMode
SetBkColor
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
RestoreDC
CreateDIBSection
DeleteDC
PatBlt
DeleteObject
SelectObject
GetCurrentObject
GetTextExtentPoint32W
CreateBitmap
GetTextColor
GetBkMode
GetBkColor
BitBlt
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectW
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
CreateFontIndirectW
comdlg32
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCloseKey
RegDeleteKeyW
RegQueryValueW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegEnumKeyW
RegOpenKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegOpenKeyExW
shell32
DragAcceptFiles
SHGetSpecialFolderPathW
ShellExecuteExW
ExtractIconW
SHFileOperationW
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
DragQueryFileW
DragFinish
ShellExecuteW
SHBrowseForFolderW
comctl32
ImageList_GetImageCount
ImageList_EndDrag
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_DragMove
ImageList_BeginDrag
ImageList_Draw
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetIconSize
ImageList_SetBkColor
ord17
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Create
ImageList_DrawIndirect
ImageList_DragEnter
oledlg
OleUIBusyW
ole32
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
ReleaseStgMedium
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
OleFlushClipboard
OleIsCurrentClipboard
OleDuplicateData
CoTaskMemAlloc
oleaut32
VarBstrFromDate
VariantClear
SysFreeString
SysAllocString
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
shlwapi
PathFileExistsW
PathIsDirectoryW
PathMakePrettyW
PathFindExtensionW
PathRemoveFileSpecW
PathRenameExtensionW
PathRemoveBackslashW
PathStripToRootW
PathRelativePathToW
PathCombineW
PathIsRootW
PathGetCharTypeW
PathIsURLW
PathFindFileNameW
winhttp
WinHttpQueryHeaders
WinHttpReadData
WinHttpCrackUrl
WinHttpCloseHandle
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpQueryOption
WinHttpSetOption
WinHttpReceiveResponse
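Two things a reader will want to do with the import table above: recompute the import hash (the 32-hex value under Files is, on this report layout, the imphash; that is an assumption about the layout, not something the page states) and pull out the API groups worth a closer look. The following is an added example, editor's code rather than anything from the sandbox or from the sample. It re-implements the pefile/Mandiant imphash rule over an excerpt of the listing above (embedded below as a constructed subset, so it does not reproduce the page's hash value) and tags the capability hints a triage analyst would flag. Function and tag names are the example's own.

```python
import hashlib
import re

# Excerpt of the report's import listing in the page's own layout: a module name
# line followed by its function names. Constructed subset for the example; the
# page carries the full list, and import order matters for the hash.
REPORT_IMPORTS = """\
kernel32
LoadLibraryW
GetProcAddress
CreateProcessW
CreateMutexW
DeleteFileW
MoveFileW
user32
SetWindowsHookExW
GetAsyncKeyState
advapi32
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
shell32
ShellExecuteExW
comctl32
ord17
winspool.drv
OpenPrinterW
winhttp
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpReadData
"""

# Module names in the listing are all lower case; every API name carries an upper-case
# letter, and ordinal imports are written "ordN". That is the whole parsing heuristic.
_DLL_LINE = re.compile(r"^[a-z0-9_.]+$")


def parse_import_listing(text):
    """Turn the flat listing into [(dll, [func, ...]), ...] in file order."""
    imports = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if _DLL_LINE.match(line) and not line.startswith("ord"):
            imports.append((line, []))
        elif imports:
            imports[-1][1].append(line)
        else:
            raise ValueError(f"function {line!r} listed before any module")
    return imports


def imphash_string(imports):
    """The string pefile hashes: 'dll.func' pairs, lower-cased, comma-joined, in import order.
    A .dll/.ocx/.sys suffix is dropped; any other suffix (winspool.drv) is kept. Ordinals stay
    'ordN' except for the ws2_32/wsock32/oleaut32 name table pefile carries, omitted here."""
    parts = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            lib = base
        parts.extend(f"{lib}.{f.lower()}" for f in funcs)
    return ",".join(parts)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


# Capability hints in the same 'dll.func' form. Every one of these is also ordinary for a
# GUI application, so they prioritise review; they are not verdicts.
CAPABILITY_HINTS = {
    "http-client": ("winhttp.winhttpopen", "winhttp.winhttpconnect", "winhttp.winhttpsendrequest"),
    "process-creation": ("kernel32.createprocessw", "shell32.shellexecuteexw", "shell32.shellexecutew"),
    "token-privilege": ("advapi32.adjusttokenprivileges", "advapi32.openprocesstoken"),
    "registry-write": ("advapi32.regsetvalueexw", "advapi32.regcreatekeyexw", "advapi32.regsetvaluew"),
    "hook-or-keystate": ("user32.setwindowshookexw", "user32.getasynckeystate"),
    "dynamic-resolution": ("kernel32.loadlibraryw", "kernel32.getprocaddress"),
    "file-move-delete": ("kernel32.deletefilew", "kernel32.movefilew"),
}


def tag_capabilities(imports):
    """Map capability tag -> sorted list of the matching 'dll.func' entries that are present."""
    present = set(imphash_string(imports).split(","))
    return {tag: sorted(present & set(apis))
            for tag, apis in CAPABILITY_HINTS.items() if present & set(apis)}


if __name__ == "__main__":
    imps = parse_import_listing(REPORT_IMPORTS)
    print(imphash(imps))
    for tag, hits in tag_capabilities(imps).items():
        print(f"{tag}: {', '.join(hits)}")
```

Read the tags against the rest of the table before drawing conclusions. The editor's reading of the full import set (oledlg!OleUIBusyW, ole32!CoRegisterMessageFilter, comctl32!PropertySheetW and ord17, the GetProfileString*/GetPrivateProfile* calls, comdlg32 and winspool.drv next to a 2.3MB .text) is a statically linked MFC GUI application, in which every hint above is expected; the only signature on this page is the missing Authenticode signature, and the WinHttp imports are the one group that would need behavioural confirmation.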
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 288KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 716KB - Virtual size: 747KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 392KB - Virtual size: 388KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
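The Headers, Signatures and Sections blocks above are read straight out of IMAGE_FILE_HEADER, the Security data directory and the IMAGE_SECTION_HEADER table. The following is an added example (editor's code, not the sandbox's and not the sample's): a standard-library Python parser that reports the same fields, decides "Unsigned PE" the way the signature does (an empty Security directory), and adds two checks this report lacks, overlay bytes past the last section and writable+executable sections. Because the sample itself is not on the page, `build_sample_pe` fabricates a tiny PE32 image with the page's section names and flag sets; it and everything it produces are constructed test input, and all function names are the example's own.

```python
import struct

# Bit names exactly as the report prints them (values from winnt.h).
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
MACHINES = {0x14C: "x86", 0x8664: "x64"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # the Authenticode certificate table


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse the fields a static report shows from a PE image held in memory."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    fh = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    # Data directories follow the Windows-specific fields: +96 for PE32, +112 for PE32+.
    dd_base = opt + (96 if magic == 0x10B else 112)
    (n_dirs,) = struct.unpack_from("<I", data, dd_base - 4)   # NumberOfRvaAndSizes
    sec_off = sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories, this entry holds a file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, dd_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, wx, end_of_data = [], [], 0
    for i in range(nsect):
        name, vsize, rva, rsize, rptr, _, _, _, _, sc = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sname = name.rstrip(b"\0").decode("ascii", "replace")
        sections.append({"name": sname, "rva": rva, "raw_size": rsize, "virtual_size": vsize,
                         "flags": flag_names(sc, SECTION_CHARACTERISTICS)})
        if sc & 0xA0000000 == 0xA0000000:   # MEM_EXECUTE and MEM_WRITE together
            wx.append(sname)
        end_of_data = max(end_of_data, rptr + rsize)
    return {
        "machine": MACHINES.get(machine, hex(machine)),
        "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        "sections": sections,
        # The report's "Unsigned PE": no embedded Authenticode blob. A catalog-signed file
        # looks the same here, so confirm with WinVerifyTrust / Get-AuthenticodeSignature.
        "unsigned": sec_off == 0 or sec_size == 0,
        # Bytes past the last section's raw data. Packers stash payloads there, but a
        # legitimate signature blob is overlay data too, so read this together with "unsigned".
        "overlay_bytes": max(0, len(data) - end_of_data),
        # Writable+executable sections are a packer / self-modifying-code tell (none on the page).
        "wx_sections": wx,
    }


def build_sample_pe(file_chars=0x010F, sections=None, security_dir=(0, 0), overlay=b""):
    """Constructed, minimal PE32 image for testing; not the sample from the report."""
    if sections is None:  # the report's section names with the same flag sets, tiny bodies
        sections = [(b".text", 0x60000020, 0x200), (b".rdata", 0x40000040, 0x200),
                    (b".data", 0xC0000040, 0x200), (b".rsrc", 0x40000040, 0x200)]
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                        # e_lfanew
    headers_size = (64 + 4 + 20 + 224 + 40 * len(sections) + 0x1FF) & ~0x1FF
    file_header = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)   # ImageBase, SectionAlign, FileAlign
    struct.pack_into("<H", opt, 68, 2)                           # Subsystem: Windows GUI
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security_dir)
    hdrs, body, rptr, rva = b"", b"", headers_size, 0x1000
    for name, chars, rsize in sections:
        hdrs += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), rsize, rva, rsize, rptr,
                            0, 0, 0, 0, chars)
        body += b"\0" * rsize
        rptr, rva = rptr + rsize, rva + 0x1000
    image = (bytes(dos) + b"PE\0\0" + file_header + bytes(opt) + hdrs).ljust(headers_size, b"\0")
    return image + body + overlay


if __name__ == "__main__":
    report = parse_pe(build_sample_pe())
    print(report["machine"], report["characteristics"], "unsigned:", report["unsigned"])
```

On the report's own numbers, .data having a larger virtual size (747KB) than raw size (716KB) is ordinary zero-initialised data and not a packing indicator; the checks worth adding to the report's output are the ones the parser returns, an overlay and any writable+executable section, both absent here.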