2024-05-25_faad096a9e9b4add53ddf29de7b79633_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-25_faad096a9e9b4add53ddf29de7b79633_icedid
Size

5.5MB
MD5

faad096a9e9b4add53ddf29de7b79633
SHA1

5d39b813ec9c6c9d19851fdfff713224418bf234
SHA256

59d664206a2255295b1095c9b980e3ff0b20fbf8835ebb024811fbdde2043e67
SHA512

799c85b82bec87b8fa45a5a96cbeaffee3811a42621bc065833d4d790dd6810ee9d293f31836be25208f6365b6c0c85e0e1c465b53383c18b8244c2f28ea610e
SSDEEP

98304:CXhMskmwFPX/NIq9uvyChZ4ow4SMlur/NIq9uvyChZ4ow4SX:CXhFw1XlIweyCHwvPrlIweyCHwvX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-25_faad096a9e9b4add53ddf29de7b79633_icedid

Files

2024-05-25_faad096a9e9b4add53ddf29de7b79633_icedid
.exe windows:4 windows x86 arch:x86

0a0c121be1c4344720677fd67114cca3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
SHDeleteKeyA

kernel32

CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
FormatMessageA
LocalFree
LoadLibraryA
GetProcAddress
GetFileAttributesA
LoadLibraryExA
EnumResourceTypesA
EnumResourceNamesA
FindResourceExA
GlobalUnlock
CreateDirectoryA
MultiByteToWideChar
FreeLibrary
SuspendThread
ResumeThread
SetFileTime
EnumResourceLanguagesA
SetFileAttributesA
RemoveDirectoryA
GetModuleHandleA
GetTempPathA
GetLongPathNameA
GetModuleFileNameA
CopyFileA
WinExec
GetUserDefaultLCID
FileTimeToSystemTime
FileTimeToLocalFileTime
WideCharToMultiByte
GetTickCount
Sleep
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateFileA
GetLastError
GetFileTime
CloseHandle
GetFileSize
IsBadWritePtr
SetEnvironmentVariableA
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetTimeZoneInformation
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
LCMapStringW
LCMapStringA
GetExitCodeProcess
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetStdHandle
TlsAlloc
lstrcpyA
GlobalFree
GlobalHandle
TlsSetValue
GlobalAlloc
TlsFree
IsBadReadPtr
TlsGetValue
GetDriveTypeA
SetFilePointer
ReadFile
GlobalLock
lstrcpynA
GlobalReAlloc
GlobalSize
lstrcatA
lstrcmpA
IsDBCSLeadByte
DeleteFileA
FindClose
FileTimeToDosDateTime
FindFirstFileA
WriteFile
IsBadStringPtrA
GetWindowsDirectoryA
CreateProcessA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetVolumeInformationA
FreeResource
MulDiv
SetLastError
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
InterlockedDecrement
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SetThreadPriority
WaitForSingleObject
SetEvent
CreateEventA
ConvertDefaultLocale
GetCurrentThread
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
GlobalFlags
InterlockedIncrement
LocalReAlloc
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetCurrentDirectoryA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetFullPathNameA
FindNextFileA
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetLocalTime
ExitProcess
HeapReAlloc
ExitThread
CreateThread
TerminateProcess
HeapSize

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA

user32

GetSysColor
EndDialog
SetForegroundWindow
SetWindowTextA
SetDlgItemTextA
ReleaseDC
GetDC
GetWindowThreadProcessId
EnumWindows
WaitForInputIdle
PostMessageA
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
CreateDialogIndirectParamA
GetSystemMetrics
SetActiveWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
CopyRect
GetWindow
PtInRect
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetWindowPos
SetWindowLongA
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
UnregisterClassA
RegisterClassA
GetClassInfoA
AdjustWindowRectEx
GetMenu
IsWindowVisible
GetKeyState
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
SetFocus
GetFocus
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
DialogBoxParamA
GetDlgItemTextA
IsDialogMessageA
ShowWindow
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
ValidateRect
GetMessageA
PostQuitMessage
GetSysColorBrush
DestroyMenu
GetClientRect
ScreenToClient
GetActiveWindow
MessageBoxA
LoadCursorA
SetCursor
GetClassNameA
PeekMessageA
TranslateMessage
DispatchMessageA
OemToCharA
CharNextA
CharPrevA
CharUpperBuffA
wsprintfA
EnableWindow
SendMessageA
LoadIconA
GetCursorPos
IsWindow
DestroyWindow
UpdateWindow
CreateDialogParamA
GetDesktopWindow
SetTimer
KillTimer
LoadStringW
CharLowerA
CharUpperA

gdi32

GetObjectA
PtVisible
RectVisible
TextOutA
GetClipBox
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetMapMode
SetTextColor
DeleteObject
CreateSolidBrush
RestoreDC
SaveDC
GetDeviceCaps
GetBkColor
SetBkColor
SetBkMode
GetStockObject
ExtTextOutA
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx

shell32

ord59
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

comctl32

ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ord17

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

wininet

InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
HttpQueryInfoA
HttpAddRequestHeadersA
InternetCloseHandle

comdlg32

GetSaveFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 232KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a0c121be1c4344720677fd67114cca3

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

user32

gdi32

shell32

comctl32

ole32

oleaut32

wininet

comdlg32

winspool.drv

Sections

.text Size: 232KB - Virtual size: 230KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 28KB - Virtual size: 39KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 232KB - Virtual size: 230KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 28KB - Virtual size: 39KB

.rsrc
Size: 44KB - Virtual size: 41KB