Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-31_fdde786aee55d621cfda67b80f01b32e_icedid.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-05-31_fdde786aee55d621cfda67b80f01b32e_icedid.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-05-31_fdde786aee55d621cfda67b80f01b32e_icedid
Size: 1.6MB
MD5: fdde786aee55d621cfda67b80f01b32e
SHA1: f1cd453b097725232ea1a190016d8a12d088fd03
SHA256: 098cb20abe1b0073f1d124f67997aafdda691f1c26b8ab88e6343927f3fa1bc5
SHA512: 681acc9977a3a5727686915f25292bcf69493bf9089fd338e350a776a2394e032e8c0a0d748a3dc682316ae38bee5cf1b13da6be61200242ceaac204113e7d33
SSDEEP: 24576:tmxreAuxE6f5e/HV9zUUZYKIQFqPsSNInvGZAT2ha5h:tXAM5IHVdHYKIQAP8uZATWA
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-05-31_fdde786aee55d621cfda67b80f01b32e_icedid
Files
2024-05-31_fdde786aee55d621cfda67b80f01b32e_icedid.exe  windows:5  windows x86  arch:x86
  e5118db958c821851c0bfd1f72d4431b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
pcan_usb
CAN_Close
CAN_Status
CAN_Write
CAN_Read
CAN_MsgFilter
CAN_Init
CAN_ResetFilter
kernel32
DeleteCriticalSection
TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
GetModuleHandleW
FindResourceExA
GetTickCount
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetTimeFormatA
GetDateFormatA
HeapAlloc
GetTimeZoneInformation
GetCommandLineA
GetStartupInfoA
HeapReAlloc
SetEnvironmentVariableA
SetStdHandle
LocalReAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
ExitProcess
HeapSize
GetACP
IsValidCodePage
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
GetConsoleCP
GetConsoleMode
SetHandleCount
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
CompareStringW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedExchange
GetFileTime
GetFileSizeEx
LocalFileTimeToFileTime
FileTimeToLocalFileTime
VirtualProtect
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetProfileIntA
RaiseException
GetCurrentProcessId
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
GetTempFileNameA
SetVolumeLabelA
GetDiskFreeSpaceA
GetDriveTypeA
MoveFileA
DeleteFileA
SetFileAttributesA
GetLocalTime
GetFileInformationByHandle
FileTimeToDosDateTime
FileTimeToSystemTime
WriteFile
SetFileTime
DosDateTimeToFileTime
SystemTimeToFileTime
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
WriteProfileStringA
SearchPathA
GetVersion
FindFirstFileA
FindNextFileA
FindClose
FreeLibrary
CreateMutexA
ReleaseMutex
SetErrorMode
lstrcatA
GetFileAttributesA
FormatMessageA
lstrlenA
LocalFree
GlobalReAlloc
FreeResource
GetModuleHandleA
SetLastError
GlobalFree
MultiByteToWideChar
lstrcpynA
GetWindowsDirectoryA
GetSystemDirectoryA
Beep
GetModuleFileNameA
GetCurrentDirectoryA
GetTempPathA
GlobalAlloc
GlobalLock
GlobalUnlock
CreateDirectoryA
MulDiv
LoadLibraryA
GetProcAddress
lstrcpyA
CopyFileA
QueryPerformanceFrequency
QueryPerformanceCounter
GetLocaleInfoA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReadFile
GetFileSize
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
CreateFileA
GetLastError
CloseHandle
Sleep
SetCurrentDirectoryA
VirtualAlloc
CreateFileW
user32
DestroyIcon
GetNextDlgGroupItem
LockWindowUpdate
PostThreadMessageA
ShowOwnedPopups
MapDialogRect
TranslateMessage
ValidateRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
TranslateAcceleratorA
DrawIcon
GetMessageA
GetDCEx
WindowFromPoint
SetRectEmpty
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
CharUpperA
GetDesktopWindow
CreateDialogIndirectParamA
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
GetMenuStringA
AppendMenuA
InsertMenuA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
UnhookWindowsHookEx
CharToOemBuffA
OemToCharBuffA
GetCursorPos
MessageBoxA
SendMessageA
EnableWindow
GetSysColor
InvalidateRect
EqualRect
IsRectEmpty
MenuItemFromPoint
GetMenuItemRect
ShowWindow
BringWindowToTop
SetForegroundWindow
LoadIconA
SetWindowRgn
GetFocus
GetAsyncKeyState
MessageBeep
GetNextDlgTabItem
GetMenuItemInfoA
GetTabbedTextExtentA
DrawStateA
CopyRect
ModifyMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
LoadBitmapA
CheckMenuItem
SystemParametersInfoA
CharNextA
InvalidateRgn
CopyAcceleratorTableA
GetSysColorBrush
UnregisterClassA
DrawFocusRect
SetParent
GetSystemMenu
DeleteMenu
WaitMessage
GetDlgItem
SetWindowContextHelpId
GetSystemMetrics
GetWindowRect
SetCapture
ReleaseCapture
PtInRect
ClientToScreen
ChildWindowFromPoint
ChildWindowFromPointEx
InflateRect
OffsetRect
FillRect
IsZoomed
GetClientRect
GetParent
UpdateWindow
KillTimer
PostQuitMessage
PeekMessageA
FindWindowExA
IsWindow
SetTimer
SendMessageW
UnionRect
FrameRect
DrawEdge
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
SetRect
CloseClipboard
SetClipboardData
RegisterClipboardFormatA
OpenClipboard
LoadCursorA
GetDC
ReleaseDC
GetActiveWindow
RedrawWindow
SetCursor
GetForegroundWindow
gdi32
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateRectRgnIndirect
PatBlt
DPtoLP
LPtoDP
Ellipse
SetRectRgn
CombineRgn
GetMapMode
GetCharWidthA
StretchDIBits
GetRgnBox
GetTextColor
EnumFontFamiliesExA
SetWindowExtEx
ScaleWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
CreateCompatibleBitmap
CreateFontA
SetPixel
Rectangle
SelectObject
CreateSolidBrush
CreatePen
GetStockObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateEllipticRgnIndirect
SetPixelV
CreateBitmap
DeleteObject
Arc
OffsetRgn
CreateEllipticRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextMetricsA
GetTextExtentPoint32A
GetViewportOrgEx
CreateRectRgn
GetObjectA
CreateFontIndirectA
GetDeviceCaps
BitBlt
GetBkColor
CreateCompatibleDC
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
ControlService
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegFlushKey
RegCloseKey
RegCreateKeyA
shell32
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
ShellExecuteA
shlwapi
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathRemoveExtensionA
PathStripToRootA
PathFindFileNameA
oledlg
ord8
ole32
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoInitializeEx
oleaut32
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantCopy
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 303KB - Virtual size: 302KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 234KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ