2024-06-30_4a9d4d4bb84e9cf7926e10a74b39c010_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-30_4a9d4d4bb84e9cf7926e10a74b39c010_icedid
Size

9.9MB
MD5

4a9d4d4bb84e9cf7926e10a74b39c010
SHA1

feb848560f1b0f82eb04d3615774b9430d1d295e
SHA256

c6ed6e07452c36212f514393b7b79f628b701c34672879bba90daefb380b0db7
SHA512

d9a32aae9e13cf5ae572f1c332ec5d48ecd620102bf2d391eafd382d01d788a6f3c74f82da2479ecc7faa1285a2eb7a6caed51aea29bbaa346b7250bd288c039
SSDEEP

196608:5keZ4H7ZH8VrsEyi80+gwLgSXp02KnLPD0r:ZqIp0gIXpJ6Lb0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-30_4a9d4d4bb84e9cf7926e10a74b39c010_icedid

Files

2024-06-30_4a9d4d4bb84e9cf7926e10a74b39c010_icedid
.exe windows:4 windows x86 arch:x86

72b2832d8ec90dc57bca5bb5199ef5d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageA
UpdateLayeredWindow
wsprintfA
CreateWindowExA
SendMessageA
IsWindow
ShowWindow
SetPropA
GetPropA
SetWindowLongA
GetDC
PeekMessageA
ReleaseDC
CallWindowProcA
TrackMouseEvent
EnumChildWindows
EnableWindow
MessageBoxA
GetWindowRect
GetSystemMetrics
GetCursorPos
CloseClipboard
GetClipboardData
OpenClipboard
DispatchMessageA
TranslateMessage
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
UnregisterClassA
IntersectRect
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
IsRectEmpty
ReleaseDC
IsChild
EndPaint
BeginPaint
GetWindowDC
CharUpperA
GetWindowTextLengthA
GetWindowTextA
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
PeekMessageA
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
TabbedTextOutA
DrawTextA
GrayStringA
CopyRect
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
SetMenu
GetMenu
DeleteMenu
GetSystemMenu
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
LoadStringA
GetSysColorBrush
IsIconic
ModifyMenuA
GetForegroundWindow
TranslateMessage
LoadIconA
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
SetClipboardData
AppendMenuA
DestroyIcon

kernel32

GetEnvironmentStrings
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
HeapCreate
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetCPInfo
RtlUnwind
GetVersion
GetCommandLineA
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
RaiseException
GetStringTypeA
GetStringTypeW
TlsFree
InterlockedDecrement
InterlockedIncrement
SetFilePointer
SetUnhandledExceptionFilter
IsBadCodePtr
LCMapStringW
SetStdHandle
FlushFileBuffers
LCMapStringA
FreeLibrary
Sleep
GetLocalTime
WriteFile
GetTempPathA
GetTickCount
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetModuleFileNameA
IsBadReadPtr
HeapFree
VirtualFree
HeapAlloc
ExitProcess
GetProcessHeap
LocalAlloc
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
MapViewOfFile
CreateFileMappingA
GetProcAddress
LoadLibraryA
LocalSize
GlobalUnlock
GetModuleHandleA
RtlMoveMemory
GlobalFree
GlobalLock
GlobalAlloc
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
FindClose
FindFirstFileA
GlobalUnlock
GlobalLock
Sleep
CreateEventA
CreateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
GetLastError
LoadLibraryA
FreeLibrary
GetFullPathNameA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
WinExec
lstrlenA
lstrcatA
InitializeCriticalSection
DeleteCriticalSection
GlobalFree
GlobalSize
ExitProcess
GetCurrentThreadId
GetModuleFileNameA
LockResource
LoadResource
FindResourceA
SetEvent
CreateFileA
WaitForMultipleObjects
ReadFile
WriteFile
GetProfileStringA
LeaveCriticalSection
EnterCriticalSection
ReleaseSemaphore
ResumeThread
CreateSemaphoreA
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
TerminateProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
InterlockedIncrement
InterlockedDecrement
LocalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
SetLastError
lstrcpynA
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcmpiA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
lstrcmpA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileSize
GetFileTime
GetCurrentThread
GlobalAlloc

ole32

CreateStreamOnHGlobal
CLSIDFromString
OleInitialize
CLSIDFromString
OleUninitialize

gdiplus

GdipSetTextRenderingHint
GdipDeletePen
GdipGetRegionBounds
GdipCreateSolidFill
GdipSetSolidFillColor
GdiplusStartup
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipDrawRectangleI
GdipLoadImageFromFile
GdipGetImageWidth
GdipDeleteBrush
GdipGetImageHeight
GdipLoadImageFromStream
GdipDisposeImage
GdipCreateFromHDC
GdipCreateBitmapFromScan0

gdi32

CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
PatBlt
CreateCompatibleDC
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
Ellipse
OffsetViewportOrgEx
CombineRgn
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreatePen
GetObjectA
SelectObject
CreateBitmap
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
Rectangle
CreateRectRgn
FillRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
SetViewportOrgEx
BitBlt
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
SetViewportExtEx
BeginPath
GetDeviceCaps

imm32

ImmGetCompositionStringW
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

shell32

SHAppBarMessage
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteA

shlwapi

PathFileExistsA

winmm

PlaySoundA
midiOutUnprepareHeader
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
midiStreamOut

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueA
RegCreateKeyExA

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

comctl32

ord17
ImageList_Destroy

ws2_32

WSAAsyncSelect
closesocket
WSACleanup
inet_ntoa
recvfrom
ioctlsocket
recv
getpeername
accept

comdlg32

GetSaveFileNameA
GetFileTitleA
ChooseColorA
GetOpenFileNameA

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72b2832d8ec90dc57bca5bb5199ef5d0

Headers

File Characteristics

Imports

user32

kernel32

ole32

gdiplus

gdi32

imm32

shell32

shlwapi

winmm

winspool.drv

advapi32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 6.9MB - Virtual size: 6.9MB

.data Size: 360KB - Virtual size: 448KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 6.9MB - Virtual size: 6.9MB

.data
Size: 360KB - Virtual size: 448KB

.rsrc
Size: 24KB - Virtual size: 20KB