2024-05-29_0b701d13a843744cb5a876f4038a90b8_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-29_0b701d13a843744cb5a876f4038a90b8_icedid
Size

24.4MB
MD5

0b701d13a843744cb5a876f4038a90b8
SHA1

174ba504096decf1dc1b7affb980db3e5c2ec3f6
SHA256

806c463a45df41034f66ea4fd41159fad3ecb542e25a6d9f013488e8d00089ca
SHA512

9b2da6d833d2f8ac16fe134765d4d1ff6d86e81c60e27cedacbe4a9c34d85c56121061dfbd98ceb5ab384daffcda1629cc0666ff37e5ae9ee8422e2ad4980e3f
SSDEEP

393216:Ybu5rYWikkYfBT0lCyNRKk5I8WBQiPnGUK5pdxIc+jT6K7Jm7fkBC4fTe5PlvVgA:YSrWQp6h4k3WdDK5PSjTDC0i5Pvgpi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-29_0b701d13a843744cb5a876f4038a90b8_icedid

Files

2024-05-29_0b701d13a843744cb5a876f4038a90b8_icedid
.exe windows:4 windows x86 arch:x86

80b76166459c7e805c3d45f9dc125716

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
HeapReAlloc
TerminateProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
ExitThread
IsBadWritePtr
SetStdHandle
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CreateFileA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
ExitProcess
GetStartupInfoW
GetTickCount
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
CreateFileW
GetFullPathNameW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
lstrcmpiW
CloseHandle
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryA
lstrcatW
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
SetLastError
MulDiv
lstrcpyW
GlobalAlloc
FormatMessageW
lstrcpynW
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetLastError
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
HeapAlloc
HeapFree
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
GetVolumeInformationW
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
CopyFileW
GetLocalTime
SetFileAttributesW
GetModuleFileNameW
lstrlenW
lstrlenA
CreateDirectoryW
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
GetSystemTimeAsFileTime
InterlockedExchange

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharUpperW
DestroyMenu
GetSysColorBrush
WindowFromPoint
CharNextW
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
wsprintfW
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
EnableWindow
SendMessageW
PostMessageW
UnregisterClassW
SetTimer
KillTimer
GetSystemMetrics
MessageBoxW
SetWindowPos
DrawIcon
IsIconic
GetClientRect
LoadIconW
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoW
RegisterClassW
GetDlgCtrlID
PostThreadMessageW
RegisterClipboardFormatW
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
GetWindow
GetMenuState
SetPropW
FindWindowW
ShowWindow
MoveWindow
LoadImageW
SetWindowTextW
IsWindow
PtInRect
InvalidateRect
RedrawWindow
SetCapture
GetParent
ReleaseCapture
SetCursor
LoadCursorW
SetWindowLongW
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
ReleaseDC

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetMapMode
GetRgnBox
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
SelectObject
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateFontIndirectW
CreateCompatibleDC
GetObjectW
StretchBlt
DeleteObject
GetStockObject
TextOutW

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegSetValueExW
RegSetValueExA

shell32

ShellExecuteW
SHGetSpecialFolderPathW

comctl32

ord17

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
StrStrIW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoUninitialize

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantInit
VariantCopy
VariantClear
SysAllocStringLen
VariantChangeType
SysStringLen
OleCreateFontIndirect
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
GetErrorInfo
SysAllocString

urlmon

URLDownloadToFileW

iphlpapi

GetPerAdapterInfo
GetAdaptersInfo

ws2_32

recv
connect
send
htons
WSACleanup
gethostbyname
socket
gethostname
WSAStartup

Sections

.text
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80b76166459c7e805c3d45f9dc125716

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

iphlpapi

ws2_32

Sections

.text Size: 224KB - Virtual size: 221KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 224KB - Virtual size: 221KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 40KB - Virtual size: 39KB