2024-05-25_403d2a7d301b313a2aa89210d6da88a2_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-25_403d2a7d301b313a2aa89210d6da88a2_icedid
Size

528KB
MD5

403d2a7d301b313a2aa89210d6da88a2
SHA1

cf48e29da4fc1b218ad1ce99888d1f3571a0954c
SHA256

5ad1e3723c45d99108a85b313be8cafd0e1ea5ab57561e6669128a777ed38c12
SHA512

22bb12f2a29f408c03f36acb0bb67cf183d6ca4a01aecb548ae74480bbfa3f477e12b9cdc34c8147ea7c3539bbdd6d0a96a3107d46971d91a156ad2a4da7195c
SSDEEP

12288:yp3b1KV/mTcaUayWwKrYvHmZTfWsTPEXD0:yh/caUayWlM/mZDWW

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-25_403d2a7d301b313a2aa89210d6da88a2_icedid

Files

2024-05-25_403d2a7d301b313a2aa89210d6da88a2_icedid
.exe windows:4 windows x86 arch:x86

ef3c29292a518cffcac12e1b2dfa94c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
InternetGetLastResponseInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetWriteFile
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer

winmm

timeGetTime

kernel32

GetFileSize
GetFileTime
SetErrorMode
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
SetStdHandle
GetFileType
GetStartupInfoA
GetCommandLineA
RaiseException
HeapFree
HeapAlloc
CreateThread
ExitThread
GetACP
HeapReAlloc
HeapSize
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetFileAttributesA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
OutputDebugStringA
GetVersion
DeviceIoControl
CreateFileA
GetVersionExA
Sleep
LocalFree
FormatMessageA
GetLastError
GetStdHandle
GetModuleFileNameA
CreateEventA
SetEvent
lstrlenA
CloseHandle
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateProcessA
GetWindowsDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
MulDiv
GetProcessVersion
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GetFullPathNameA
GetVolumeInformationA
FindClose
UnlockFile
WinExec
FindFirstFileA
SetEndOfFile
WriteFile
SizeofResource
LockResource
GetProfileStringA
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
SetLastError
GlobalAlloc
lstrcmpA
GetCurrentThread
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
SuspendThread
SetThreadPriority
ResumeThread
LoadResource
WaitForSingleObject
GetThreadLocale
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
GlobalFree
GetComputerNameA
FreeLibrary
GetTickCount
LoadLibraryA
GetProcAddress
FindResourceA

user32

InvalidateRect
PostThreadMessageA
SetRect
CopyAcceleratorTableA
DestroyMenu
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
PtInRect
GetClassNameA
GetDC
ReleaseDC
GetSysColorBrush
LoadCursorA
GetDesktopWindow
CharUpperA
MapDialogRect
SetWindowContextHelpId
SetCursor
TranslateMessage
ValidateRect
GetCursorPos
CharNextA
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
AdjustWindowRectEx
ScreenToClient
GetClientRect
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
IsWindowUnicode
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
GetActiveWindow
RegisterClipboardFormatA
InflateRect
MessageBeep
GetNextDlgGroupItem
SetFocus
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
PostQuitMessage
GetMessageA
DispatchMessageA
EnableWindow
GetWindowLongA
SetWindowLongA
SetTimer
SendMessageA
ShowWindow
LoadIconA
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
SetViewportOrgEx
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetMapMode
SetBkMode
RestoreDC
SaveDC
DeleteDC
SelectObject
DeleteObject
GetStockObject
GetDeviceCaps
GetBkColor
GetTextColor
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceA
RegQueryValueExA
RegSetValueExA
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegOpenKeyExA
ControlService
RegDeleteKeyA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenServiceA
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
OleInitialize
CoTaskMemFree
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
SysFreeString
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear

wsock32

WSAStartup
WSACleanup

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef3c29292a518cffcac12e1b2dfa94c7

Headers

File Characteristics

Imports

wininet

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

iphlpapi

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 60KB - Virtual size: 78KB

.rsrc Size: 244KB - Virtual size: 241KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 60KB - Virtual size: 78KB

.rsrc
Size: 244KB - Virtual size: 241KB