2024-06-05_563661c0293d17fce88493a7c99ed42e_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-05_563661c0293d17fce88493a7c99ed42e_icedid
Size

164KB
MD5

563661c0293d17fce88493a7c99ed42e
SHA1

87088fc8a8822173b3a034511e7f9c6d9539ff25
SHA256

cb2f54c9cd943bff10c296f639f39728d4fabde69736dd2d0dc10a12703527b5
SHA512

a0a1a0327b25dfee4d19b4dd40d296ae3f0fdfea8615561d052b69e3e3b4259e621bcbbd2ecf3c4dd3c9a50d79aed41513253d02b3bf518128272bcaa8b6d4c2
SSDEEP

3072:WOVDdOMrByFRaWggTdJei0tC2YbgIWWoK5ob5D8tILb:nVDdOMrByFUgTdURkXTeKI8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-05_563661c0293d17fce88493a7c99ed42e_icedid

Files

2024-06-05_563661c0293d17fce88493a7c99ed42e_icedid
.exe windows:4 windows x86 arch:x86

cdc12544fdfadfbb6acba7b9bd96395f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

endec

?Endec@@YAXPAD00H@Z

kernel32

GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
TlsGetValue
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
WaitForSingleObject
lstrcmpA
DeleteCriticalSection
LocalAlloc
OutputDebugStringA
GetModuleFileNameA
CreateDirectoryA
GetWindowsDirectoryA
GetFileTime
GetFileSize
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
CreateFileMappingA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
LocalFree
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
InterlockedIncrement
GetFileAttributesA
SetLastError
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
GetVersionExA
GetCurrentProcess
lstrlenA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FlushViewOfFile
CloseHandle
UnmapViewOfFile
MapViewOfFile
GetLastError
VirtualFree

user32

GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
CharUpperA
LoadStringA
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
SetWindowTextA
LoadIconA
PostMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
GetFocus
MessageBoxA
wsprintfA
EnableWindow
GetDlgCtrlID

gdi32

SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetDeviceCaps
DeleteObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdc12544fdfadfbb6acba7b9bd96395f

Headers

File Characteristics

Imports

endec

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 24KB - Virtual size: 22KB