Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-02_16f69b22189e32c9e1edb2ad8e01253d_icedid.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2024-06-02_16f69b22189e32c9e1edb2ad8e01253d_icedid.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-06-02_16f69b22189e32c9e1edb2ad8e01253d_icedid
Size: 752KB
MD5: 16f69b22189e32c9e1edb2ad8e01253d
SHA1: 9c0b222fce9fce218aa0ea8a552dcacd901b0f89
SHA256: acacc180990964f58f109e04ac6733456439dec4f7e4ce44ba022d17376a104b
SHA512: 9e094da851413b18a1494c30bab5684eccf3d5421be5d3f502d2dc00b48cef131cf50354c407b00c73725e76f2919d72de05835b27243ba81a3178ced7b8d254
SSDEEP: 12288:NXktQWJzIFAVsGdFswIifOb19iEA6CjMVOrWCLO+d:hktQWJzoQf8w1fOpA6YMVBGNd
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-06-02_16f69b22189e32c9e1edb2ad8e01253d_icedid
Files
2024-06-02_16f69b22189e32c9e1edb2ad8e01253d_icedid.exe windows:5 windows x86 arch:x86
4218086e60755c601f34f64bd8e13e71
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
libogg
ogg_stream_init
ogg_stream_packetin
ogg_stream_clear
ogg_stream_pageout
ogg_page_eos
ogg_stream_flush
libvorbis
vorbis_info_clear
vorbis_dsp_clear
vorbis_block_clear
vorbis_bitrate_flushpacket
vorbis_bitrate_addblock
vorbis_analysis
vorbis_analysis_blockout
vorbis_analysis_wrote
vorbis_analysis_buffer
vorbis_analysis_headerout
vorbis_block_init
vorbis_analysis_init
vorbis_encode_init_vbr
vorbis_info_init
vorbis_comment_clear
kernel32
GetFullPathNameW
CreateFileW
InterlockedExchange
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
SuspendThread
CreateEventW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GlobalFlags
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GetVolumeInformationW
GetStartupInfoW
RtlUnwind
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
RaiseException
ExitProcess
HeapReAlloc
ExitThread
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
MoveFileW
lstrlenA
lstrcmpA
InterlockedDecrement
GetModuleHandleA
GetCurrentProcessId
FormatMessageW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
FreeResource
SetEvent
CreateThread
SetThreadPriority
GetVersionExA
GetEnvironmentVariableA
ResetEvent
CreateEventA
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalFree
LocalAlloc
LocalLock
LocalFree
LocalUnlock
GetVersionExW
GetACP
GetLocaleInfoW
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameW
GetSystemDefaultLCID
GetTickCount
GetCurrentProcess
TerminateProcess
GetDiskFreeSpaceExW
GetPrivateProfileStringW
WritePrivateProfileStringW
FindFirstFileW
WaitForMultipleObjects
TerminateThread
GetPrivateProfileIntW
WaitForSingleObject
Sleep
ResumeThread
CreateDirectoryW
CreateSemaphoreW
CloseHandle
GetVersion
DeleteFileW
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
lstrcatW
WinExec
WideCharToMultiByte
MulDiv
lstrlenW
lstrcpyW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
SetErrorMode
user32
SetMenuItemBitmaps
GetWindowThreadProcessId
ClientToScreen
GetWindowDC
WindowFromPoint
CharUpperW
ValidateRect
GetMessageW
SetRectEmpty
IsZoomed
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassW
ReleaseCapture
CharNextW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
SetCapture
GetNextDlgGroupItem
RegisterClipboardFormatW
PostThreadMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetMenu
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetActiveWindow
MessageBoxW
CreateDialogIndirectParamW
PeekMessageW
GetMenuCheckMarkDimensions
TranslateMessage
DispatchMessageW
WaitMessage
PostQuitMessage
DestroyWindow
CheckDlgButton
SetFocus
MoveWindow
SetWindowTextW
WinHelpW
GetDialogBaseUnits
GetAsyncKeyState
GetWindowTextW
GetDlgItem
LoadStringW
BeginPaint
EndPaint
SetRect
FillRect
RegisterWindowMessageW
DrawAnimatedRects
FindWindowW
EnumChildWindows
GetCursorPos
TrackPopupMenu
DestroyIcon
SetParent
SetActiveWindow
SystemParametersInfoW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
EqualRect
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnableMenuItem
GetDlgCtrlID
SetWindowPos
LoadAcceleratorsW
SetPropW
RemovePropW
GetSystemMetrics
GetSystemMenu
AppendMenuW
DeleteMenu
DrawIcon
GetDesktopWindow
GetWindow
GetPropW
IsIconic
ShowWindow
SetForegroundWindow
GetLastActivePopup
GetWindowLongW
RedrawWindow
LockWindowUpdate
UpdateWindow
PostMessageW
CopyRect
GetKeyState
GetMenu
LoadIconW
LoadMenuW
GetMenuItemID
GetMenuItemCount
SetMenuDefaultItem
SetWindowLongW
LoadCursorW
CopyIcon
IsWindow
GetSysColor
GetMessagePos
GetParent
KillTimer
SetTimer
ReleaseDC
GetDC
LoadBitmapW
ModifyMenuW
CheckMenuItem
DestroyMenu
GetMenuState
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetFocus
GetWindowTextLengthW
IsDialogMessageW
GetForegroundWindow
ScreenToClient
GetClientRect
GetWindowRect
InflateRect
PtInRect
SetCursor
MessageBeep
InvalidateRect
SendMessageW
EnableWindow
CheckMenuRadioItem
GetSubMenu
TranslateAcceleratorW
GetClassNameW
gdi32
DeleteObject
SetTextColor
SetBkColor
SelectObject
GetClipBox
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
MoveToEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateFontW
ExtTextOutW
ExtSelectClipRgn
CreatePen
GetMapMode
GetCharWidthW
StretchDIBits
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
Escape
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
TextOutW
RectVisible
PtVisible
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetTextExtentPoint32W
GetObjectW
CreateFontIndirectW
GetStockObject
CreateDCW
GetDeviceCaps
DeleteDC
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
CreateBitmap
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
RegCloseKey
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFolderPathW
Shell_NotifyIconW
SHAppBarMessage
ShellExecuteW
shlwapi
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
CoCreateInstance
CoInitializeEx
CoTaskMemFree
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoUninitialize
CreateILockBytesOnHGlobal
OleFlushClipboard
CoRegisterMessageFilter
CoInitialize
oleaut32
SafeArrayDestroy
SysAllocString
OleCreateFontIndirect
VariantCopy
SysFreeString
VarDateFromStr
VarBstrFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
winmm
waveInGetErrorTextA
waveInOpen
waveOutGetErrorTextA
waveOutOpen
waveInGetDevCapsA
waveOutGetDevCapsA
waveOutClose
waveInClose
waveOutUnprepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveOutWrite
waveOutGetPosition
waveOutRestart
waveInStart
waveOutPause
waveInReset
waveOutReset
waveOutPrepareHeader
waveInPrepareHeader
waveOutGetNumDevs
waveInGetNumDevs
waveOutMessage
waveInMessage
mixerGetID
mixerGetLineControlsA
mixerGetLineInfoA
mixerClose
mixerGetDevCapsA
mixerSetControlDetails
mixerGetControlDetailsA
mixerOpen
timeGetTime
Sections
.text   Size: 418KB  Virtual size: 418KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 106KB  Virtual size: 105KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 14KB   Virtual size: 31KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 213KB  Virtual size: 212KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
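The "Unsigned PE" signature, the file and DLL characteristics and the section table above are all read straight from the PE headers. The following is an added example, not part of this report and not the sandbox's own code, that reproduces those reads with only the Python standard library: it decodes the COFF characteristics, the optional header's DllCharacteristics, the section table, and data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY), whose empty VirtualAddress/Size pair is what "missing Authenticode signature" means. The input is a constructed minimal PE32 built by build_sample_pe() to mirror the header fields listed above (same flags, section names and sizes, no certificate table); it is not the 752KB sample and contains no code. The function names and the missing_mitigations() wording are this example's own.

```python
import struct
import sys

# Flag tables from winnt.h; only the bits this example reports.
FILE_CHARACTERISTICS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH", 0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_CHARACTERISTICS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                           0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                           0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIRECTORY = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table


def _flags(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Parse DOS header, COFF header, optional header (PE32 or PE32+) and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _ts, _sym, _nsym, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: data directories start at +96, count at +92
        dir_off, ndirs_off = 96, 92
    elif magic == 0x20B:    # PE32+: 8-byte ImageBase/stack/heap fields shift them to +112/+108
        dir_off, ndirs_off = 112, 108
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both formats
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    sec_va = sec_size = 0
    if ndirs > SECURITY_DIRECTORY:
        # For this entry VirtualAddress is a raw file offset, not an RVA.
        sec_va, sec_size = struct.unpack_from("<II", data, opt + dir_off + 8 * SECURITY_DIRECTORY)
    sections = []
    sh = opt + opt_size
    for i in range(nsections):
        name, vsize, _va, rawsize, _rawptr, _r, _l, _nr, _nl, sc = struct.unpack_from("<8sIIIIIIHHI", data, sh + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": _flags(sc, SECTION_CHARACTERISTICS)})
    return {"machine": machine, "pe32plus": magic == 0x20B,
            "file_characteristics": _flags(characteristics, FILE_CHARACTERISTICS),
            "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
            "security_directory": (sec_va, sec_size), "sections": sections}


def has_authenticode(info):
    """The sandbox's 'Unsigned PE' check: an embedded signature exists only if entry 4 is non-empty."""
    va, size = info["security_directory"]
    return va != 0 and size != 0


def missing_mitigations(info):
    """Linker-level hardening the image does not opt into (wording is this example's own)."""
    dll = set(info["dll_characteristics"])
    missing = []
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dll:
        missing.append("ASLR (DYNAMIC_BASE)")
    if "IMAGE_FILE_RELOCS_STRIPPED" in info["file_characteristics"]:
        missing.append("relocations (image cannot be rebased, runs at its preferred ImageBase)")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in dll:
        missing.append("DEP opt-in (NX_COMPAT)")
    if "IMAGE_DLLCHARACTERISTICS_GUARD_CF" not in dll:
        missing.append("Control Flow Guard")
    if not has_authenticode(info):
        missing.append("Authenticode signature (security directory empty)")
    return missing


def build_sample_pe(signed=False):
    """Constructed PE32 header-only image mirroring the report's flags and sections; NOT the real sample."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x014C, 4, 0, 0, 0, 224, 0x0001 | 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic
    struct.pack_into("<I", opt, 28, 0x00400000)               # ImageBase
    struct.pack_into("<H", opt, 68, 2)                        # Subsystem: WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x8000)                   # DllCharacteristics: TERMINAL_SERVER_AWARE only
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    if signed:                                                # hypothetical certificate table for contrast
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIRECTORY, 0xBC000, 0x1800)
    secs = [(b".text", 418 * 1024, 418 * 1024, 0x20 | 0x20000000 | 0x40000000),
            (b".rdata", 105 * 1024, 106 * 1024, 0x40 | 0x40000000),
            (b".data", 31 * 1024, 14 * 1024, 0x40 | 0x40000000 | 0x80000000),
            (b".rsrc", 212 * 1024, 213 * 1024, 0x40 | 0x40000000)]
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, fl) for n, vs, rs, fl in secs)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    info = parse_pe(data)
    print("file:", info["file_characteristics"])
    print("dll: ", info["dll_characteristics"])
    for s in info["sections"]:
        print("%-8s raw=%6dKB virt=%6dKB %s" % (s["name"], s["raw_size"] // 1024, s["virtual_size"] // 1024, " | ".join(s["flags"])))
    print("signed:", has_authenticode(info), "| missing:", missing_mitigations(info))
```

Two caveats when using this check the way the sandbox does. An empty security directory only proves there is no embedded signature: Windows system binaries are usually catalog-signed and would also show as "unsigned" here, while a non-empty directory proves nothing about validity and still needs a chain check (WinVerifyTrust on Windows, or a tool such as osslsigncode verify elsewhere). Separately, the headers reported above carry only TERMINAL_SERVER_AWARE and have relocations stripped, so the image runs without ASLR at its fixed ImageBase; that is typical of an older MFC-style build and worth noting alongside the signature result rather than as a verdict on its own.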