Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-14_61b4a1057a8e23d94a2f8f0c2f4c0ed6_icedid.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 2024-06-14_61b4a1057a8e23d94a2f8f0c2f4c0ed6_icedid.exe
Resource: win10v2004-20240508-en
General
- Target: 2024-06-14_61b4a1057a8e23d94a2f8f0c2f4c0ed6_icedid
- Size: 866KB
- MD5: 61b4a1057a8e23d94a2f8f0c2f4c0ed6
- SHA1: 5a0f01e198cacb0e58d5e08d59604fe5670d1dc9
- SHA256: aa854077a113351613c29c7207d9e8769ee82e220a09360e455f92c4e875d956
- SHA512: 04f87343b30d2f21acbf8af79a5f69cc386f7b4594abcfe72e3c497e1aa40287b47b410902add552def56920c36bfc79f32ead1bb957334939f8275532fe91ca
- SSDEEP: 24576:EB9HZOePLBUg9JnT0gHTjjZPWcAi+u5Z99:EBX9FT0gHTnhc1e
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2024-06-14_61b4a1057a8e23d94a2f8f0c2f4c0ed6_icedid
Files
- 2024-06-14_61b4a1057a8e23d94a2f8f0c2f4c0ed6_icedid.exe windows:5 windows x86 arch:x86
  dc183ccc7e3127d5009d20568d2e9d09
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
crypt32
CertGetNameStringA
CertCreateCertificateContext
CertNameToStrA
CertFreeCertificateContext
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
StrStrIA
PathFindExtensionA
kernel32
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetModuleHandleW
GetFileAttributesExA
LocalFileTimeToFileTime
GetFileSizeEx
SetErrorMode
GetTickCount
RtlUnwind
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
VirtualAlloc
GetSystemInfo
ExitThread
WriteConsoleW
GetFileType
GetStdHandle
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapReAlloc
HeapSize
HeapCreate
VirtualFree
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GlobalFlags
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
GetVersion
CloseHandle
ReadFile
GetFileSize
CreateFileA
WriteFile
GetTempFileNameA
GetTempPathA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindResourceA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
GetCurrentDirectoryA
GetFileAttributesA
GetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ReleaseMutex
CreateMutexA
GetSystemDefaultLangID
GetPrivateProfileStringA
Sleep
GetProcAddress
LoadLibraryA
GetPrivateProfileIntA
FreeLibrary
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
CreateThread
GetVersionExA
GetSystemTime
SystemTimeToFileTime
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
FindResourceExA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetFileTime
SetFileTime
GetCurrentProcessId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleFileNameW
FormatMessageA
LocalFree
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
SetLastError
TerminateThread
DebugActiveProcess
VirtualQuery
VirtualProtect
OutputDebugStringA
GetCurrentThread
SetThreadPriority
SetPriorityClass
IsDebuggerPresent
WritePrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
WritePrivateProfileStringA
CreateProcessA
GetCurrentThreadId
SetEvent
ResetEvent
WaitForSingleObject
FreeResource
GlobalAlloc
ResumeThread
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
GetCurrentProcess
RaiseException
IsDBCSLeadByte
lstrcmpiA
LoadLibraryExA
lstrlenW
lstrlenA
GetConsoleMode
user32
GetSysColorBrush
UnregisterClassA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
DrawIcon
SetWindowContextHelpId
GetWindowThreadProcessId
ShowOwnedPopups
PostQuitMessage
GetMessageA
TranslateMessage
MoveWindow
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetMenuState
EnableMenuItem
SendDlgItemMessageA
WinHelpA
IsChild
GetClassLongA
GetWindowTextLengthA
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
GetMenuItemID
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CharUpperA
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
GetMenu
IntersectRect
GetWindowPlacement
GetWindow
CreateDialogIndirectParamA
EndDialog
SetPropA
GetCapture
GetPropA
RemovePropA
SetFocus
IsWindowEnabled
GetIconInfo
LoadImageA
DrawStateA
DrawFocusRect
TrackPopupMenuEx
GetActiveWindow
GetNextDlgTabItem
DestroyIcon
DestroyCursor
DestroyMenu
OpenClipboard
IsRectEmpty
EmptyClipboard
SetClipboardData
CloseClipboard
GetSysColor
PtInRect
SetCursor
ShowCursor
GetSystemMetrics
SystemParametersInfoA
LoadCursorA
LoadBitmapA
CharNextA
SetActiveWindow
FindWindowExA
EnumChildWindows
FindWindowA
LoadMenuA
GetWindowDC
GrayStringA
DrawTextExA
GetMenuItemCount
RemoveMenu
GetSubMenu
BeginPaint
FillRect
GetWindowTextA
DrawTextA
FrameRect
InflateRect
GetWindowLongA
EndPaint
GetDC
ValidateRect
ReleaseDC
SetCapture
ReleaseCapture
CallWindowProcA
IsIconic
ModifyMenuA
TabbedTextOutA
GetMenuItemInfoA
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
CheckMenuItem
ClientToScreen
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
DeferWindowPos
SetWindowRgn
EnableWindow
GetWindowRect
SetForegroundWindow
SendMessageA
MessageBoxA
SetWindowTextA
UpdateWindow
LoadIconA
GetParent
GetForegroundWindow
GetClassNameA
GetCursorPos
GetFocus
WindowFromPoint
SetWindowPos
OffsetRect
CopyRect
GetDesktopWindow
CreateDialogParamA
ShowWindow
SetParent
DestroyWindow
IsWindow
SetTimer
SetRect
MapDialogRect
KillTimer
DefMDIChildProcA
DefFrameProcA
DefDlgProcA
DefWindowProcA
GetClientRect
PostMessageA
RegisterWindowMessageA
InvalidateRect
GetSystemMenu
TrackPopupMenu
SetWindowLongA
keybd_event
SetWindowsHookExA
UnhookWindowsHookEx
GetAsyncKeyState
GetKeyState
CallNextHookEx
GetDlgItem
ScreenToClient
gdi32
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
CreateFontIndirectA
ExtTextOutA
GetTextExtentPoint32A
SaveDC
RestoreDC
SetMapMode
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
GetPixel
GetClipBox
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreatePen
GetMapMode
EnumFontFamiliesExA
GetBkColor
GetTextColor
GetRgnBox
CreateRectRgnIndirect
CreateBitmap
SetBkColor
GetDIBits
SetDIBits
GetBitmapBits
CreateDCA
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
DeleteDC
DeleteObject
GetDeviceCaps
StretchBlt
CreateCompatibleDC
GetObjectA
GetStockObject
SelectObject
SetBkMode
SetTextColor
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegEnumValueA
RegCloseKey
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegSetValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
shell32
SHGetFileInfoA
Shell_NotifyIconA
ShellExecuteExA
DragFinish
ExtractIconA
ShellExecuteA
DragQueryFileA
comctl32
_TrackMouseEvent
oledlg
ord8
ole32
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleIsCurrentClipboard
CoInitializeEx
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoCreateInstance
CoInitialize
CoUninitialize
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
SysFreeString
VariantTimeToSystemTime
VarUdateFromDate
SystemTimeToVariantTime
VarUI4FromStr
OleLoadPicture
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
VariantClear
ws2_32
socket
setsockopt
ioctlsocket
htons
connect
select
closesocket
recv
ntohl
WSAStartup
Sections
- .text Size: 559KB - Virtual size: 558KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 149KB - Virtual size: 149KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 15KB - Virtual size: 32KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 142KB - Virtual size: 141KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ