2024-05-21_1fa7f8558c4ce8788f13df9021682368_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-21_1fa7f8558c4ce8788f13df9021682368_icedid
Size

2.1MB
MD5

1fa7f8558c4ce8788f13df9021682368
SHA1

261f3dd7da43e0d19db0869a781773cc150a4519
SHA256

eb9872482f7f6dd84dbfd34b2f2f32cfeb9cff1471eaf0e176b4992472e6ffce
SHA512

fe7bb590a73d74abbcf7b63db2b1fca567b53c420a6a4806acff929fa31ace13dca1726b7e3c7c7bc0784451524455d1d2a71a0200bbae964e2544e8e23b805c
SSDEEP

24576:TdENafo+/HpxHJIBpiJ4o+3meArZhgnR6gPkJ+6Kr1bV4KxQeFmq/pLxccwfe9b:TdEN+PHJ0pin+WeqZhgnRrM0RbbQ+C8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2024-05-21_1fa7f8558c4ce8788f13df9021682368_icedid

Files

2024-05-21_1fa7f8558c4ce8788f13df9021682368_icedid
.exe windows:5 windows x86 arch:x86

99e3e2ef34e9b15d9b12ad8d1e0dc00b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

kernel32

GetSystemTimeAsFileTime
RemoveDirectoryA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
VirtualAlloc
HeapReAlloc
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
GetTickCount
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetProcessHeap
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
CreateFileA
WriteFile
CloseHandle
SetCurrentDirectoryA
DeleteFileA
SearchPathA
GetTempPathA
GetLongPathNameA
GetTempFileNameA
CreateDirectoryA
GetLastError
GetModuleHandleA
FreeLibrary
GetSystemInfo
EnumResourceNamesA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringA
GetModuleFileNameA
LocalAlloc
LocalFree
InterlockedExchange
RaiseException
lstrlenA
MultiByteToWideChar
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalFlags
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
GlobalGetAtomNameA
FormatMessageA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
SetLastError
GlobalFree

user32

PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ValidateRect
ClientToScreen
DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetDC
ReleaseDC
GetSysColorBrush
IsWindowEnabled
RegisterWindowMessageA
WinHelpA
GetCapture
CallNextHookEx
GetClassLongA
GetClassNameA
GetPropA
RemovePropA
GetFocus
IsWindow
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
GetSysColor
GetCursorPos
CopyRect
PtInRect
GetDlgCtrlID
SendMessageA
CallWindowProcA
GetMenu
GetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
SetWindowsHookExA
ScreenToClient
DefWindowProcA
GetWindowRect
LoadImageA
GetAsyncKeyState
MessageBoxA
SetWindowTextA
SetCursor
LoadCursorA
SetMenu
EnumDisplaySettingsA
GetClientRect
DestroyWindow
LoadIconA
RegisterClassExA
CreateWindowExA
SetWindowLongA
SetRect
LoadStringA
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ShowWindow
SetWindowPos
SetPropA

gdi32

SetMapMode
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RestoreDC
SaveDC
ExtTextOutA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

SHFileOperationA
ShellExecuteA

comctl32

InitCommonControlsEx
ord17

winmm

PlaySoundA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 512KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99e3e2ef34e9b15d9b12ad8d1e0dc00b

Headers

DLL Characteristics

File Characteristics

Imports

dinput8

kernel32

user32

gdi32

winspool.drv

shell32

comctl32

winmm

oleaut32

Sections

.text Size: 512KB - Virtual size: 511KB

.rdata Size: 129KB - Virtual size: 129KB

.data Size: 12KB - Virtual size: 36KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 512KB - Virtual size: 511KB

.rdata
Size: 129KB - Virtual size: 129KB

.data
Size: 12KB - Virtual size: 36KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB