Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-06_4e89919dd671df88cb60561ccc5341cb_icedid.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 2024-06-06_4e89919dd671df88cb60561ccc5341cb_icedid.exe
  Resource: win10v2004-20240508-en
General
- Target: 2024-06-06_4e89919dd671df88cb60561ccc5341cb_icedid
- Size: 618KB
- MD5: 4e89919dd671df88cb60561ccc5341cb
- SHA1: 1700b486cbc28659e2dcad000ab4a1b0d72d2cb1
- SHA256: 492abdf6923f53db2e8717317e04fd9726af473ecef5cf71865a9ce36b2bc7cd
- SHA512: f86638e48778d74789a0f6ab34e9dcf7fd820ae2cfbc4f48dede20c7bfe464aef035b503a9ec682fe204c363c8ff3d5897570537267ea795c90cd768e4e2234c
- SSDEEP: 12288:6eg+DCWlkwdjcH/VwM6EJ2GjpU9M/DDqAx7D3PAzD:6egmCWawhA/96EJ2GjgrAZDY
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-06-06_4e89919dd671df88cb60561ccc5341cb_icedid
Files
-
2024-06-06_4e89919dd671df88cb60561ccc5341cb_icedid.exe windows:5 windows x86 arch:x86
89d762ff4b03036d8a44120b4ddbc84f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
netapi32
Netbios
kernel32
RaiseException
ExitProcess
GetTimeFormatA
GetDateFormatA
ExitThread
GetCommandLineA
GetStartupInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
HeapCreate
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
SetHandleCount
GetFileType
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateDirectoryA
GetSystemDirectoryA
MoveFileExA
TerminateProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
RtlUnwind
GetTickCount
LocalLock
LocalUnlock
SetErrorMode
GetModuleHandleW
GetFileSizeEx
GetLastError
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetStringTypeExA
DeleteFileA
MoveFileA
GlobalReAlloc
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
LocalFree
MulDiv
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalUnlock
FreeResource
GlobalFree
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcessId
GlobalAddAtomA
SuspendThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetModuleFileNameW
GetCurrentThreadId
CloseHandle
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
ResetEvent
CreateSemaphoreA
CreateThread
GetModuleFileNameA
WaitForSingleObject
ReleaseSemaphore
Sleep
GetCurrentDirectoryA
CreateEventA
WideCharToMultiByte
SetEvent
ResumeThread
FindResourceA
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
InterlockedDecrement
FormatMessageA
lstrlenA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedIncrement
CreateMutexA
GetConsoleCP
user32
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
CharNextA
DestroyIcon
DeleteMenu
UnregisterClassA
WindowFromPoint
CharUpperA
IsZoomed
SetCursorPos
SetCapture
RedrawWindow
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ReleaseDC
DestroyCursor
SetRect
UnpackDDElParam
ReuseDDElParam
DestroyMenu
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
UpdateWindow
GetClientRect
EnableWindow
LoadBitmapA
GetSubMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
DefWindowProcA
CallWindowProcA
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
DrawIcon
SetWindowRgn
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
GetWindowPlacement
GetWindowRect
RegisterClipboardFormatA
GetClassLongA
LoadMenuA
SendMessageA
SetForegroundWindow
GetCursorPos
GetSystemMetrics
LoadIconA
ScreenToClient
FillRect
GetDC
InvalidateRect
SetTimer
KillTimer
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
LoadCursorA
GetSysColorBrush
SetCursor
UnhookWindowsHookEx
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
ShowOwnedPopups
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
GetWindow
GetDlgItem
SendDlgItemMessageA
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
IsWindow
GetDlgCtrlID
SetWindowLongA
MoveWindow
ShowWindow
SetFocus
SetWindowPos
GetWindowTextA
GetWindowTextLengthA
MapDialogRect
SetWindowContextHelpId
EndDialog
GetNextDlgTabItem
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetDesktopWindow
gdi32
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetMapMode
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
GetTextAlign
GetRgnBox
GetTextColor
GetBkColor
StretchDIBits
CreateFontA
GetCharWidthA
CreateRectRgnIndirect
GetTextMetricsA
GetTextExtentPoint32A
CreateFontIndirectA
CreateSolidBrush
GetStretchBltMode
CreateDCA
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetPixel
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetStockObject
PatBlt
Rectangle
GetViewportOrgEx
CreatePen
CreateCompatibleBitmap
GetObjectA
CreateCompatibleDC
BitBlt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetDeviceCaps
DPtoLP
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
DeleteDC
comdlg32
GetFileTitleA
winspool.drv
GetJobA
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegCreateKeyExA
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
shell32
ShellExecuteA
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
Shell_NotifyIconA
comctl32
ImageList_Create
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
oledlg
ord8
ole32
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoUninitialize
OleTranslateAccelerator
oleaut32
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysStringLen
SysAllocStringLen
SafeArrayAccessData
SafeArrayUnaccessData
VariantTimeToSystemTime
VariantCopy
VariantChangeType
VariantInit
VariantClear
SysFreeString
SysStringByteLen
SysAllocString
GetErrorInfo
SysAllocStringByteLen
ws2_32
WSAStartup
WSACleanup
WSASetLastError
socket
htons
gethostbyname
connect
shutdown
closesocket
send
select
recv
odbc32
ord9
ord17
ord41
ord10
ord3
ord16
ord2
ord1
ord15
ord14
ord20
ord8
ord48
ord49
ord11
ord19
ord12
ord46
ord18
ord13
ord59
ord43
ord68
ord44
ord45
ord50
ord51
ord5
Sections
- .text Size: 420KB - Virtual size: 419KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rdata Size: 101KB - Virtual size: 100KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 16KB - Virtual size: 43KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 80KB - Virtual size: 80KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE