Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-10_c46ff8cd41d8b7f7d284be27359f5a3c_icedid.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2024-07-10_c46ff8cd41d8b7f7d284be27359f5a3c_icedid.exe
Resource: win10v2004-20240709-en
General
Target: 2024-07-10_c46ff8cd41d8b7f7d284be27359f5a3c_icedid
Size: 454KB
MD5: c46ff8cd41d8b7f7d284be27359f5a3c
SHA1: 0dcf9f54fcd41b39ce13a2be20c369a5cc497939
SHA256: ccdf9d51ce2df43224ece40887feb9f7a28bd5c7b6ba37ef805aaa03e3d9015d
SHA512: 0882ddf36015e6e55d2f947e3439815bd8c6d34d953e1b91739acafd2f228cba9c38a0f215c7476fb4a6b05311880da7214c9f7dd94173ce84f8189f5c94e5b9
SSDEEP: 6144:wVYkM3M/P80Rag05rrdWdv71Ty46YRjSxnO2lVCFXbXMzmyLNAMZxiIudNU:0YkM8/P80fw06YR2nO2lVmXIzmyJAJo
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2024-07-10_c46ff8cd41d8b7f7d284be27359f5a3c_icedid
Files
2024-07-10_c46ff8cd41d8b7f7d284be27359f5a3c_icedid.exe windows:4 windows x86 arch:x86
13f06d30f0d2afa090f274b873f679ee
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
HttpAddRequestHeadersW
HttpOpenRequestW
HttpSendRequestA
InternetReadFile
HttpSendRequestW
InternetQueryOptionW
InternetErrorDlg
InternetCheckConnectionW
InternetConnectW
HttpQueryInfoW
InternetOpenW
InternetSetOptionW
InternetAttemptConnect
InternetCloseHandle
InternetGetConnectedState
ws2_32
gethostbyname
WSACleanup
WSAStartup
WSAGetLastError
inet_ntoa
gethostname
shlwapi
PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
PathStripToRootW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
kernel32
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
GetVersionExA
LoadLibraryA
CompareStringW
GlobalFindAtomW
InterlockedDecrement
WritePrivateProfileStringW
GlobalFlags
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
lstrlenA
FileTimeToSystemTime
SetErrorMode
DuplicateHandle
SetFileAttributesW
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
ExitProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetCurrentDirectoryA
GetDriveTypeA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetModuleHandleA
GlobalUnlock
MulDiv
GetTickCount
GlobalAddAtomW
GlobalFree
lstrlenW
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
LocalAlloc
GetComputerNameW
GetExitCodeProcess
OpenProcess
FreeResource
GetVersionExW
VerSetConditionMask
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetCurrentProcessId
TerminateProcess
LocalFree
GetCurrentProcess
VerifyVersionInfoW
SetFileTime
SystemTimeToFileTime
SetFilePointer
LocalFileTimeToFileTime
GetCurrentDirectoryW
CreateFileW
ReadFile
WriteFile
IsBadReadPtr
CreateThread
TerminateThread
GetExitCodeThread
GetModuleHandleW
Sleep
IsBadStringPtrW
ReleaseMutex
CopyFileW
WaitForSingleObject
DeleteFileW
WideCharToMultiByte
FormatMessageW
GetProcAddress
LoadLibraryW
CreateMutexW
GetModuleFileNameW
LockResource
SizeofResource
GetCommandLineW
CreateDirectoryW
CloseHandle
LoadResource
GetLastError
SetCurrentDirectoryW
MultiByteToWideChar
FindResourceW
FileTimeToLocalFileTime
user32
LoadCursorW
GetSysColorBrush
CharNextW
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
MessageBeep
PostThreadMessageW
DestroyMenu
IsChild
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
SetForegroundWindow
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
UnregisterClassA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CharUpperW
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
EndDialog
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnhookWindowsHookEx
UnregisterClassW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterClipboardFormatW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
CopyRect
IsWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
LoadBitmapW
GetParent
GetCapture
DrawEdge
DrawFocusRect
GetSysColor
OffsetRect
WindowFromPoint
GetNextDlgGroupItem
GetWindowLongW
ClientToScreen
GetDC
ReleaseDC
GetWindowRect
GetWindowRgn
ReleaseCapture
LoadImageW
GetClientRect
SetWindowRgn
GetCursorPos
SetCapture
GetSystemMetrics
DrawIcon
PostMessageW
KillTimer
GetDlgItem
EnableWindow
InvalidateRect
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
FindWindowW
SetTimer
GetDesktopWindow
SendMessageW
MessageBoxW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
GetNextDlgTabItem
WinHelpW
PeekMessageW
IntersectRect
gdi32
SetMapMode
GetClipBox
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetTextColor
ExtSelectClipRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
MoveToEx
LineTo
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
DeleteDC
DeleteObject
SelectObject
StretchBlt
CreateCompatibleDC
GetObjectW
BitBlt
CreateCompatibleBitmap
PatBlt
CreateSolidBrush
CreateRoundRectRgn
CreateFontIndirectW
CreateRectRgnIndirect
CreateRectRgn
GetStockObject
CreatePen
FrameRgn
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
InitializeSecurityDescriptor
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
SetSecurityDescriptorDacl
OpenSCManagerW
CreateWellKnownSid
DuplicateToken
RegSetValueExW
ControlService
CloseServiceHandle
RegOpenKeyExW
GetTokenInformation
RegEnumValueW
CheckTokenMembership
AllocateAndInitializeSid
ChangeServiceConfigW
RegCreateKeyExW
OpenProcessToken
FreeSid
OpenServiceW
GetUserNameW
RegCloseKey
RegQueryValueExW
shell32
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
comctl32
_TrackMouseEvent
oledlg
OleUIBusyW
ole32
CoInitialize
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoRegisterMessageFilter
OleFlushClipboard
CoFreeUnusedLibraries
OleInitialize
CoTaskMemFree
CoUninitialize
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoCreateInstance
oleaut32
VariantInit
VariantChangeType
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
VariantCopy
SysFreeString
SysAllocStringLen
SysStringLen
oleacc
CreateStdAccessibleObject
LresultFromObject
Sections
.text Size: 305KB - Virtual size: 305KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ