2024-07-06_3bddd361107ec5ba6e8c43f0422a2c43_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-06_3bddd361107ec5ba6e8c43f0422a2c43_icedid
Size

3.0MB
MD5

3bddd361107ec5ba6e8c43f0422a2c43
SHA1

5dfb55e28941071ecde3b9a7215ea6cc5c5f4d58
SHA256

f377cb10f7890dd6566e3ea7e7651676cb29fd384ddf34ecc7e7750dfb9c50f0
SHA512

1ddc79537f682d47e058288b6953cc646a9e3c13904136136ddc00c50e5df8ccb6e9ceb3efd78ad705239091d87c3136a2485d6291a22e4bc84e6be99fd29f78
SSDEEP

98304:0tioFYmagBvyDNmKG626t6T6i6u6S/jcB9TrSA7fupzIW:R2k/8RIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-06_3bddd361107ec5ba6e8c43f0422a2c43_icedid

Files

2024-07-06_3bddd361107ec5ba6e8c43f0422a2c43_icedid
.exe windows:5 windows x86 arch:x86

ca5b5802336ddeca7e6e01206f57fa20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringW
GetTickCount
GetStartupInfoW
HeapFree
HeapAlloc
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateDirectoryW
HeapReAlloc
DeleteFileA
ExitProcess
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsW
SetErrorMode
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
InterlockedDecrement
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
MulDiv
lstrcmpA
GetFullPathNameW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
SetLastError
GetThreadLocale
CreateEventW
WaitForSingleObject
FormatMessageW
LocalFree
GetVolumeInformationW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateProcessW
lstrcpyW
GetCurrentProcessId
OpenFileMappingW
CreateFileMappingW
MapViewOfFile
IsBadReadPtr
UnmapViewOfFile
OpenProcess
TerminateProcess
Sleep
lstrcmpiW
GetSystemTime
GetLocalTime
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
lstrcpynW
FreeLibrary
WideCharToMultiByte
GetSystemDirectoryW
OutputDebugStringA
GetCurrentProcess
GetLastError
GetModuleHandleW
LoadLibraryW
GetShortPathNameW
GetFileAttributesW
SetFileAttributesW
FindFirstFileW
FindClose
GetPrivateProfileStringW
GetSystemWindowsDirectoryW
lstrcatW
GetTempFileNameW
DeleteFileW
CreateFileW
CloseHandle
SetFilePointer
MoveFileW
GetSystemDefaultLangID
VirtualAlloc
SetFilePointerEx
WriteFile
VirtualFree
GetModuleHandleA
GetProcAddress
GetWindowsDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenA
GetModuleFileNameA
GetModuleFileNameW
OutputDebugStringW
lstrlenW
GetWindowsDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GetVersionExW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetEnvironmentStringsW

user32

SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
CheckDlgButton
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
CharUpperW
RegisterWindowMessageW
GetAncestor
SetRect
MessageBeep
GetClassNameW
GetWindow
GetWindowTextW
GetCursorPos
SetForegroundWindow
FindWindowExW
InvalidateRect
PostMessageW
GetSubMenu
MessageBoxA
GetClassInfoW
GetForegroundWindow
FindWindowW
UpdateWindow
GetSystemMetrics
LoadIconW
EnableWindow
GetDesktopWindow
GetClientRect
GetWindowRect
IsIconic
DrawIcon
MessageBoxW
FindWindowA
SendMessageW
SetDlgItemTextW
IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
PostThreadMessageW
RegisterClipboardFormatW
SetWindowLongW
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
SetCapture
UnregisterClassW
LoadCursorW
GetSysColorBrush
GetWindowThreadProcessId
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
PtInRect

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateSolidBrush
DeleteObject
StretchDIBits
GetNearestPaletteIndex
GetPaletteEntries

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegCreateKeyExW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegCreateKeyW
RegOpenKeyExA
RegDeleteValueW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegOpenKeyExW
RegQueryValueExW
RegFlushKey
RegCloseKey
RegQueryValueW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
FindExecutableW
ShellExecuteExW
SHChangeNotify

shlwapi

PathRemoveExtensionW
StrCmpIW
StrStrIW
PathFindExtensionW
PathFileExistsW
PathFindFileNameA
PathFindFileNameW
PathFileExistsA
StrStrW
PathMakePrettyW
PathStripPathW
PathUnquoteSpacesW
PathRemoveBlanksW
AssocQueryStringW
PathStripToRootW
PathAppendW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
OleIsCurrentClipboard
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysStringLen

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca5b5802336ddeca7e6e01206f57fa20

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

version

iphlpapi

Sections

.text Size: 320KB - Virtual size: 319KB

.rdata Size: 95KB - Virtual size: 94KB

.data Size: 25KB - Virtual size: 50KB

.rsrc Size: 42KB - Virtual size: 42KB

.text
Size: 320KB - Virtual size: 319KB

.rdata
Size: 95KB - Virtual size: 94KB

.data
Size: 25KB - Virtual size: 50KB

.rsrc
Size: 42KB - Virtual size: 42KB