2024-05-28_509dc57fe76d6a3a112417f5e3e780d4_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-28_509dc57fe76d6a3a112417f5e3e780d4_icedid
Size

407KB
MD5

509dc57fe76d6a3a112417f5e3e780d4
SHA1

b5df1ba20c52660fda9cf739da399ec2989a3fcb
SHA256

081c042f0d27e44f5883e668cff8132d4d9d5c9f656a625af5239845aa036576
SHA512

4cb149d8aa68b6e401fcd6265d600c0812ff0aa0bf7e2bf82918e876f06826351dc7b8d1336767c1e60df779b09d2c76d4ce36690845c8d0711f0854d8362253
SSDEEP

6144:fy3ogtorZiarKWa8ocO6c3u29JtKMoZ1gOHgS+ahBf78bfj7IHHNGq:3gKVA6c3u29JtKMogSjowHHNGq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2024-05-28_509dc57fe76d6a3a112417f5e3e780d4_icedid

Files

2024-05-28_509dc57fe76d6a3a112417f5e3e780d4_icedid
.exe windows:5 windows x86 arch:x86

de721a7d8de417020e69a5b3300cde09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

msacm32

acmMetrics
acmFormatChooseW

olepro32

ord250

kernel32

lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetLastError
GetModuleFileNameW
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetSystemTime
WriteFile
Sleep
GetCurrentProcessId
WriteProfileStringW
GetFullPathNameW
FreeLibrary
GetDiskFreeSpaceW
MulDiv
LoadLibraryW
WideCharToMultiByte
OpenFile
lstrlenW
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrcpyW
GetVersionExW
CreateFileW
GetFileSize
CloseHandle
ReadFile
CopyFileW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetProfileStringW
GetProfileIntW
GetModuleHandleW
GetProcAddress
lstrcpynW
lstrcatW
CreateFileA
SetStdHandle
GetStringTypeW
LockResource
SetLastError
LocalFree
FormatMessageW
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
lstrcmpA
lstrlenA
LocalAlloc
TlsGetValue
GlobalReAlloc
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetModuleHandleA
SetFilePointer
FlushFileBuffers
GetCurrentProcess
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapReAlloc
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetLocaleInfoA

user32

SetActiveWindow
GetLastActivePopup
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
GetCapture
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetDesktopWindow
IsDialogMessageW
GetSysColorBrush
GetWindowThreadProcessId
ClientToScreen
DestroyMenu
ValidateRect
GetMessageW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
SetForegroundWindow
GetClassInfoExW
GetClassInfoW
GetDlgCtrlID
CallWindowProcW
CopyRect
PtInRect
SetWindowLongW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
RegisterWindowMessageW
GetMenuState
GetMenuItemID
GetFocus
IsWindowEnabled
IsWindow
GetParent
SendMessageW
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetWindowTextW
ShowWindow
CreateWindowExW
ReleaseDC
GetDC
RegisterClassW
LoadIconW
LoadCursorW
LoadAcceleratorsW
GetWindowTextW
GetWindowLongW
GetSysColor
CharNextW
CheckDlgButton
IsDlgButtonChecked
SetDlgItemInt
GetDlgItem
EnableWindow
GetDlgItemInt
SetFocus
MessageBeep
GetDlgItemTextW
IsCharAlphaW
IsCharAlphaNumericW
SetDlgItemTextW
UpdateWindow
EndDialog
WaitMessage
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
MessageBoxW
DialogBoxParamW
PostMessageW
GetMenuItemCount
RemoveMenu
AppendMenuW
CreatePopupMenu
GetKeyState
SetMenu
AdjustWindowRectEx
PeekMessageW
DefWindowProcW
MoveWindow
GetSystemMetrics
GetClientRect
EndPaint
BeginPaint
GetAsyncKeyState
wsprintfW
PostQuitMessage
GetSubMenu
GetMenu
DeleteMenu
KillTimer
SetTimer
InvalidateRect
GetWindowRect
SetWindowPos
EnableMenuItem
CheckMenuItem

gdi32

ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
SetBkColor
SetTextColor
ExtTextOutW
PatBlt
DeleteObject
CreateSolidBrush
CreateFontW
StretchDIBits
GetStockObject
GetObjectW
GetTextMetricsW
DeleteDC
SaveDC
RestoreDC
SetMapMode
GetClipBox
CreateBitmap
SelectObject
GetDeviceCaps
PtVisible

comdlg32

GetOpenFileNameW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
GetUserNameW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree
MkParseDisplayName
CreateBindCtx
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VariantClear
VariantChangeType
VariantInit
SysFreeString
VarUI4FromStr

shlwapi

PathRemoveFileSpecW
PathFindExtensionW

oleacc

CreateStdAccessibleObject
LresultFromObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de721a7d8de417020e69a5b3300cde09

Headers

DLL Characteristics

File Characteristics

Imports

winmm

msacm32

olepro32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

oleacc

winspool.drv

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 9KB - Virtual size: 29KB

.rsrc Size: 134KB - Virtual size: 136KB

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 9KB - Virtual size: 29KB

.rsrc
Size: 134KB - Virtual size: 136KB