2024-05-26_c845af2b2bc36a8fd4fb3fd146002c29_icedid_zxxz

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-26_c845af2b2bc36a8fd4fb3fd146002c29_icedid_zxxz
Size

25.3MB
MD5

c845af2b2bc36a8fd4fb3fd146002c29
SHA1

cbc9acc5f6edab489508f25fdc091d1b396ec569
SHA256

7b5283d1d7e6eae544d3a14d33b4d65018c3388cac6ab0093aeae7c79e30d815
SHA512

6b3d57cdef0dc44be7ef71740463b86778a56a78ec828ee101ebb6f40d02eb0c9df1be8e4d64b225ccdaa23cc41dec28a3e16def78649b51ea8afcf5705161a2
SSDEEP

786432:UTxw+i7FoSc3AXryGNUzpgaPTAhUYnsQB:Kxw+i7FoSc3AXW1lFPTAhUYn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-26_c845af2b2bc36a8fd4fb3fd146002c29_icedid_zxxz

Files

2024-05-26_c845af2b2bc36a8fd4fb3fd146002c29_icedid_zxxz
.exe windows:4 windows x86 arch:x86

6b293040430d9bb98e91b50c84f7a3fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
HeapAlloc
HeapFree
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
GetCommandLineA
VirtualFree
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStartupInfoA
TerminateProcess
ExitProcess
RtlUnwind
WritePrivateProfileStringA
GetProfileStringA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
SetLastError
GetCurrentThread
GlobalAlloc
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GlobalLock
GlobalUnlock
GlobalFree
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
WideCharToMultiByte
GetModuleFileNameA
lstrcmpA
FreeLibrary
LoadLibraryA
GetProcAddress
CreateFileA
WriteFile
CloseHandle
GetTickCount
InterlockedIncrement
lstrlenA
MultiByteToWideChar
GetLastError
InterlockedDecrement
HeapCreate
LocalFree

user32

InflateRect
RegisterClipboardFormatA
InvalidateRect
PostThreadMessageA
SetRect
CopyAcceleratorTableA
GetSysColorBrush
LoadCursorA
GetDesktopWindow
PtInRect
GetClassNameA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringA
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
CharUpperA
GetActiveWindow
CreateDialogIndirectParamA
CharNextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
GetNextDlgGroupItem
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
EnableWindow
wsprintfA
SendMessageA
LoadIconA
AppendMenuA
GetSystemMenu
UnregisterClassA
EndDialog
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
ShowWindow
MessageBeep
GetDlgItem
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindow
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
DispatchMessageA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA

gdi32

GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
DPtoLP
LPtoDP
GetMapMode
PatBlt
DeleteObject
Escape
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
GetStockObject
GetDeviceCaps
GetBkColor
GetTextColor
CreateBitmap
GetObjectA
SetBkColor
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantClear
SysAllocStringByteLen
SysAllocString
VariantChangeType
SysAllocStringLen
VariantCopy
SysStringLen
VariantTimeToSystemTime
GetErrorInfo
SysFreeString

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 676KB - Virtual size: 689KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24.4MB - Virtual size: 24.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b293040430d9bb98e91b50c84f7a3fc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 676KB - Virtual size: 689KB

.rsrc Size: 24.4MB - Virtual size: 24.4MB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 676KB - Virtual size: 689KB

.rsrc
Size: 24.4MB - Virtual size: 24.4MB