2024-06-04_ddda343c80c744c56e9ba32fdd907d97_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-04_ddda343c80c744c56e9ba32fdd907d97_icedid
Size

152KB
MD5

ddda343c80c744c56e9ba32fdd907d97
SHA1

420ce22f93b9e1530d02b05e9c506caecfa47713
SHA256

26725ad0b4789fdcb46c0e04c991c4dcc5cf0fd44787ec1fda48483c34c0969c
SHA512

347440e5127702ccffe8c8ccf35bf6ac0f375e63478e80ab909e00b09008d83177059ba77d43e6f86f04117150bc6093569908b1246ae02296c5f0ed1a60d45f
SSDEEP

3072:rcBqLxbQBMM8WoCCcJMeYfPSgHsT2Oql9k:8qlbCb31hytXSoxk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-04_ddda343c80c744c56e9ba32fdd907d97_icedid

Files

2024-06-04_ddda343c80c744c56e9ba32fdd907d97_icedid
.exe windows:4 windows x86 arch:x86

df4951430bf294cbb8b5e899612aeb52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetOEMCP
GetCPInfo
GlobalFlags
WritePrivateProfileStringA
CloseHandle
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcmpW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThread
FreeLibrary
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
SetErrorMode
GetProcAddress
lstrcpyA
lstrcatA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynA
GetCommandLineA
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcmpiA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentThreadId
GetLastError
FormatMessageA
lstrlenA
LocalFree
Sleep
SetHandleCount
GetModuleFileNameA

user32

ShowWindow
SetWindowTextA
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetForegroundWindow
DispatchMessageA
GetDlgItem
DestroyWindow
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetSubMenu
GetMenuItemCount
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
DestroyMenu
ClientToScreen
GetMessageTime
GetMenuItemID
GetMenuState
PostQuitMessage
PostMessageA
UnregisterClassA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
LoadCursorA
UnhookWindowsHookEx
EnableWindow
IsWindowEnabled
GetLastActivePopup
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetTopWindow

gdi32

Escape
GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
SelectObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
CloseServiceHandle
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df4951430bf294cbb8b5e899612aeb52

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 160B

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 160B