2024-07-10_382506d9856175057eb3cfa70c4b310b_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-10_382506d9856175057eb3cfa70c4b310b_icedid
Size

283KB
MD5

382506d9856175057eb3cfa70c4b310b
SHA1

61454a07aef1804d740004d939000def64485d96
SHA256

c466c584a89f3355e0f042da24ee922e201735ff91501cfc156730a6609cd5b4
SHA512

0e22764370502e92dbcf11cf9d573fae59966e36f9be179eeed6082a061df523576883f15667009009a290ee96bd4a66ce44c638886cb4c61553441ae0d138b2
SSDEEP

3072:0LFzwgiU9LwD9JzK2H2MLw5cvOB2Tbs/GSEdX6Pi7U0SJVnBOyYN8u2r91:u8TUMpldLwyZ5SEkJVnB+2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-10_382506d9856175057eb3cfa70c4b310b_icedid

Files

2024-07-10_382506d9856175057eb3cfa70c4b310b_icedid
.exe windows:4 windows x86 arch:x86

c1b126715f57bda4d88af6909833cd7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
MoveFileA
DeleteFileA
FindClose
FindFirstFileA
GetFullPathNameA
RtlUnwind
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
GetStartupInfoA
ExitProcess
HeapAlloc
HeapFree
RaiseException
GetTimeZoneInformation
HeapSize
HeapReAlloc
GetACP
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
CloseHandle
GetVersion
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
LocalAlloc
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
GlobalFlags
lstrcmpA
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalLock
InterlockedExchange
GlobalUnlock
GetModuleHandleA
GetProcAddress
SetLastError
lstrlenA
MultiByteToWideChar
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetCommandLineA
GetCurrentThreadId
lstrcmpiA
InterlockedDecrement
CopyFileA
GetLastError
lstrlenW
WideCharToMultiByte

user32

CopyRect
GetClientRect
AdjustWindowRectEx
MapWindowPoints
PostMessageA
LoadIconA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
DestroyMenu
GetSystemMetrics
GetLastActivePopup
MessageBoxA
LoadStringA
SetFocus
EnableWindow
IsWindowEnabled
SetWindowPos
SetWindowLongA
WinHelpA
GetTopWindow
UnhookWindowsHookEx
GetFocus
GetParent
SendMessageA
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowLongA
GetClassNameA
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuItemID
GetWindowTextA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ClientToScreen
GetClassInfoA
RegisterClassA
GetMenu
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetMessageA
DispatchMessageA
PostThreadMessageA
GetDlgItem
GetCapture
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetSysColor
GetSysColorBrush
LoadCursorA

gdi32

SetTextColor
CreateBitmap
GetObjectA
CreateCompatibleDC
Escape
ExtTextOutA
TextOutA
RectVisible
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteObject
GetDeviceCaps
PtVisible

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

ole32

CoCreateInstance
OleRun
CoSuspendClassObjects
CoUninitialize
CoInitialize
CLSIDFromProgID

oleaut32

SysAllocString
VariantChangeType
SysStringLen
VariantClear
GetActiveObject
SysFreeString

comctl32

ord17

atl

ord23
ord20
ord17
ord18
ord22
ord16
ord32

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

xxqndhfr
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 148KB - Virtual size: 145KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c1b126715f57bda4d88af6909833cd7b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

atl

winspool.drv

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 8KB - Virtual size: 5KB

xxqndhfr Size: 8KB - Virtual size: 4KB

Size: 148KB - Virtual size: 145KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 8KB - Virtual size: 5KB

xxqndhfr
Size: 8KB - Virtual size: 4KB