2024-07-07_0139f4caab75296f366cd12e236e84cd_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-07_0139f4caab75296f366cd12e236e84cd_icedid
Size

500KB
MD5

0139f4caab75296f366cd12e236e84cd
SHA1

3a47d4db3b334121df82e01778b6eff616bb4db5
SHA256

555df0414ac06b7c82f6933e4cac490ff3b49383eda8e03354d5b716bd825684
SHA512

fdba4e907c5f06c8b87fa83169daaeaac26eaafae666a2cb0872fb2efbbdbe8eb2e994e3ffb44109e9085d9115ba1a1e380343e281fbbc01238c6d85b65e2b11
SSDEEP

12288:LJOaNRsAQzu4D4v72p2+Jvce7YgUqseT:LxNRJ2UEvtY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-07_0139f4caab75296f366cd12e236e84cd_icedid

Files

2024-07-07_0139f4caab75296f366cd12e236e84cd_icedid
.exe windows:4 windows x86 arch:x86

03ee5bc3cb6cd6d1a56194d5dd61817e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetFileTime
GetFileAttributesA
SetErrorMode
GetShortPathNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
InterlockedDecrement
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalAlloc
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetTickCount
Sleep
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CreateDirectoryA
lstrlenA
CreateEventA
GetCurrentProcessId
MultiByteToWideChar
Beep
GetCurrentDirectoryA
CreateThread
ResumeThread
CopyFileA
RemoveDirectoryA
DeleteFileA
GetLastError
SetCurrentDirectoryA
GetSystemTime
MulDiv
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStdHandle
InterlockedExchange

user32

InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
LoadCursorA
GetSysColorBrush
wsprintfA
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenuItemID
GetMenuItemCount
GetSysColor
EnableWindow
GetDC
SendMessageA
GetWindowRect
FillRect
GetClientRect
ReleaseDC
CheckMenuItem
GetSubMenu
PostMessageA
LoadBitmapA
GetMenu
GetAsyncKeyState
DrawIcon
IsIconic
SetTimer
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
PostThreadMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SendDlgItemMessageA
SetCapture
LoadIconA
GetSystemMetrics
wsprintfW
UpdateWindow
GetFocus
DeleteMenu
EnableMenuItem
GetMenuStringA
ModifyMenuA
LoadMenuA
SetMenu
DrawMenuBar
KillTimer
EnumDisplayMonitors
MonitorFromPoint
CharUpperA
UnregisterClassA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA

gdi32

CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetMapMode
CreateFontIndirectA
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateFontA
GetStockObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetBitmapBits
CreateSolidBrush
GetDeviceCaps
GetObjectA
GetWindowExtEx

comdlg32

GetFileTitleA
GetSaveFileNameA
ChooseColorA
GetOpenFileNameA
ChooseFontA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegCreateKeyExA
RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueExA
RegCloseKey

shell32

SHFileOperationA
ShellExecuteA

comctl32

ord17

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoGetClassObject
CoCreateInstance
GetRunningObjectTable
CreateItemMoniker
CoInitialize
CoUninitialize
CoTaskMemFree
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes

oleaut32

SysFreeString
VariantClear
VariantInit
VariantChangeType
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
OleCreatePropertyFrame

Sections

.text
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03ee5bc3cb6cd6d1a56194d5dd61817e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 352KB - Virtual size: 351KB

.rdata Size: 84KB - Virtual size: 80KB

.data Size: 16KB - Virtual size: 1.7MB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 352KB - Virtual size: 351KB

.rdata
Size: 84KB - Virtual size: 80KB

.data
Size: 16KB - Virtual size: 1.7MB

.rsrc
Size: 44KB - Virtual size: 40KB