2024-05-28_f82395e6be6912300087295300df4c96_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-28_f82395e6be6912300087295300df4c96_icedid
Size

2.6MB
MD5

f82395e6be6912300087295300df4c96
SHA1

3076ecadf8f6e4e7e79be00044648eedd8e6bebe
SHA256

3bc1d8cb692eea534b9a252f2c1a127341e0441cd8646c0d83d10ec48f90b195
SHA512

911f494a015daeb48176569f09e82481a23e2d19e94feafbeb5d9fcf533f957df41c42bc105fc61ce9104ee6032aaf212345afb9ea2415b6bd8bfaee8aa74a9a
SSDEEP

49152:9usR7OVoOhANVjG4NRM2t1qNJtcU9qDosm:3CVoLG4HM2t1qNJtcU90osm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-28_f82395e6be6912300087295300df4c96_icedid

Files

2024-05-28_f82395e6be6912300087295300df4c96_icedid
.exe windows:4 windows x86 arch:x86

8b8e558641e9b235c4a1b83f9db531af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord1

ddraw

DirectDrawCreate
DirectDrawEnumerateA

winmm

timeGetTime

d3dxof

DirectXFileCreate

kernel32

lstrcpynA
lstrcpyA
LoadLibraryA
LockResource
GetCurrentThread
lstrlenA
ReleaseMutex
GetLastError
GetVersionExA
GetTickCount
lstrcatA
GetModuleHandleA
GetProcAddress
LCMapStringW
RaiseException
SetEndOfFile
FreeLibrary
lstrcmpiA
LocalAlloc
LocalFree
FindResourceA
LoadResource
CreateMutexA
GetCommandLineA
GetThreadPriority
SetThreadPriority
LCMapStringA
GetCPInfo
GetStringTypeW
GetACP
MultiByteToWideChar
CreateFileA
GetStringTypeA
SetStdHandle
IsBadCodePtr
FlushFileBuffers
SetUnhandledExceptionFilter
SetFilePointer
IsBadReadPtr
GetFileType
GetStdHandle
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
ReadFile
GetOEMCP
UnhandledExceptionFilter
CloseHandle
HeapSize
GetCurrentProcess
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
ExitProcess
GetVersion
GetStartupInfoA
HeapFree
RtlUnwind
HeapAlloc

user32

ReleaseDC
DestroyWindow
LoadBitmapA
FillRect
GetClientRect
DefWindowProcA
GetCursorPos
BringWindowToTop
SendMessageA
GetDC
SetTimer
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
FindWindowA
ShowWindow
GetForegroundWindow
DrawTextA
SetWindowPos
SetWindowLongA
CheckRadioButton
SendDlgItemMessageA
IsDlgButtonChecked
GetWindowRect
GetDlgItemTextA
GetDlgItem
TrackPopupMenuEx
EndDialog
GetSubMenu
SystemParametersInfoA
DialogBoxParamA
PostMessageA
TranslateAcceleratorA
LoadAcceleratorsA
PeekMessageA
LoadMenuA
LoadIconA
LoadCursorA
UpdateWindow
SetCursor
SetForegroundWindow
RedrawWindow
GetWindowLongA
DrawMenuBar
MessageBoxA
SetRect
ClientToScreen
KillTimer
RegisterClassA
PostQuitMessage
EnableWindow
SetDlgItemTextA

gdi32

DeleteDC
SelectObject
SetBkMode
CreateSolidBrush
CreateCompatibleDC
GetStockObject
SetTextColor
ExtTextOutA
BitBlt

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegFlushKey
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b8e558641e9b235c4a1b83f9db531af

Headers

File Characteristics

Imports

dsound

ddraw

winmm

d3dxof

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 20KB - Virtual size: 32KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 20KB - Virtual size: 32KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB