2024-08-02_946bf81032f57e2abd8ceb4106d5d8ca_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-08-02_946bf81032f57e2abd8ceb4106d5d8ca_icedid
Size

220KB
MD5

946bf81032f57e2abd8ceb4106d5d8ca
SHA1

2b412c775abd54e920690fa86e255580ddfe165f
SHA256

dbd9038a8673684ab9b2bbf1ae3e769a045526500cd8c5a6d60ae0f7d339b85a
SHA512

b138f9ee1785da14d4188c728c7399360e26709a72185099f68d2d3a962cf647f4e2ed445320664c9f047b6faf6262e782efb10f71f0b6f6fd8ec90555b8a99c
SSDEEP

3072:J0GCBYHCKNQrtWz1OwBqs7Hixas9yvTKUXf82dMAcWNgJkklSzdsb:FNQhOJrwl9yvTK08DOds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-02_946bf81032f57e2abd8ceb4106d5d8ca_icedid

Files

2024-08-02_946bf81032f57e2abd8ceb4106d5d8ca_icedid
.exe windows:4 windows x86 arch:x86

6a07aefcda5087d5b539796c54493caf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
CreateThread
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
VirtualQuery
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
SetErrorMode
GetOEMCP
GetCPInfo
CreateFileA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFlags
InterlockedIncrement
GetCurrentDirectoryA
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
InterlockedDecrement
FreeResource
SuspendThread
ResumeThread
SetThreadPriority
GlobalAddAtomA
SetLastError
GlobalFree
MulDiv
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThreadId
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
ResetEvent
DeleteFileA
GetShortPathNameA
GetFileAttributesA
GetPrivateProfileStringA
WinExec
GetModuleHandleA
GetProcAddress
GetCurrentThread
GetCurrentProcess
GetLastError
GetUserDefaultLangID
CreateEventA
SetEvent
FindFirstFileA
FindNextFileA
FindClose
EnumResourceNamesA
LoadLibraryA
SetCurrentDirectoryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
QueryPerformanceCounter
FreeLibrary

user32

GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
GetWindowPlacement
PtInRect
GetWindow
GetWindowTextLengthA
SetWindowPos
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
SystemParametersInfoA
DestroyMenu
CopyRect
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
IsWindowVisible
GetKeyState
ValidateRect
MessageBoxA
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMenuItemCount
PostQuitMessage
PostMessageA
LoadBitmapA
CreateWindowExA
PeekMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow
EnumChildWindows
GetSystemMetrics
EnumWindows
GetCursorPos
SetCursor
ReleaseCapture
LoadIconA
LoadCursorA
EnableWindow
WindowFromPoint
GetParent
SetCapture
GetActiveWindow
InvalidateRect
UpdateWindow
TrackPopupMenu
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
IsIconic
SendMessageA
LoadMenuA
GetSubMenu
DrawIcon
SetForegroundWindow
ExitWindowsEx
GetWindowTextA
GetMessageA
GetSysColorBrush
wsprintfA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetFocus

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
DeleteObject
GetObjectA
GetBitmapBits
CreateBitmapIndirect
BitBlt
CreateCompatibleDC
SelectObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
FreeSid
EqualSid
RegQueryValueA
RegCloseKey
RegOpenKeyA
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantChangeType
VariantClear
VariantInit

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a07aefcda5087d5b539796c54493caf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

oleacc

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 24KB - Virtual size: 21KB