2024-08-14_8a1fa385f8dcb36325858f6cbe686fc8_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-14_8a1fa385f8dcb36325858f6cbe686fc8_icedid
Size

365KB
MD5

8a1fa385f8dcb36325858f6cbe686fc8
SHA1

438a531db8765d7a74287b357f4caac2da41b764
SHA256

4df3a0b9ac466b6056626e197bc69dc09db0b9e9bd8f5d32af714e0fd5c4ec24
SHA512

773e415120a78a1fcc0bd1d38d823e106c078ff9362ce2a50e94d6ca2abb72dfd5e9f0d4875fc93058971a61c8ab40785a95ebcb9e8b3458200458ad7f30cad9
SSDEEP

6144:9Q7v4oHPCDlHcQ/qYjqB2GVwdInCwouTDsUuXObmTBABuAOIQOinmqqDLu8f:9QMoo1H/qiqBnVwKnC/UYKmTKBu2QNq1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-14_8a1fa385f8dcb36325858f6cbe686fc8_icedid

Files

2024-08-14_8a1fa385f8dcb36325858f6cbe686fc8_icedid
.exe windows:4 windows x86 arch:x86

0782ba99383b69ea7074d9a02b2d34f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
InterlockedIncrement
RaiseException
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
GetTickCount
GetStartupInfoW
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GlobalReAlloc
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LeaveCriticalSection
LocalAlloc
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpiW
WritePrivateProfileStringW
GetCurrentThread
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
LoadLibraryW
GetLocaleInfoW
GetLastError
lstrcpyW
FormatMessageW
LocalFree
InterlockedDecrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
lstrcpynW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
FreeLibrary
lstrcatW
lstrcmpW
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentDirectoryW
DeleteFileW
FindResourceW
LoadResource
LockResource
SizeofResource
GetTempPathA
GetSystemInfo
MultiByteToWideChar
TerminateProcess
CreateFileW
GetFileSize
LoadLibraryA
GetProcAddress
GetCurrentProcess
ReadFile
CreateProcessW
ReadProcessMemory
WriteProcessMemory
ResumeThread
Sleep
GetCommandLineW
GlobalAlloc
GlobalFree
WideCharToMultiByte
lstrlenW
GetModuleHandleW
GetModuleFileNameA
GetVersionExW
CreateFileA
DeviceIoControl
CloseHandle
VirtualQuery

user32

SetRect
CopyAcceleratorTableW
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
CharUpperW
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
LoadBitmapW
RegisterWindowMessageW
IsRectEmpty
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconW
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
GetClassInfoW
CharNextW
RegisterClassW
UnregisterClassW
LoadCursorW
GetSysColorBrush
DestroyMenu
WinHelpW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
SetTimer
ReleaseDC
GetDC
GetWindowRect
SystemParametersInfoW
wsprintfA
GetClientRect
IsIconic
SendMessageW
GetDlgItemTextA
GetSystemMetrics
SetDlgItemTextA
wsprintfW
EnableWindow
InvalidateRect
LoadImageW

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetDeviceCaps
SetViewportExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
CreateCompatibleBitmap
SetBitmapBits
BitBlt
CreateCompatibleDC
GetObjectW
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
ScaleViewportExtEx

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW

comctl32

ord17

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocStringLen
VariantCopy
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0782ba99383b69ea7074d9a02b2d34f9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 244KB - Virtual size: 244KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 22KB - Virtual size: 41KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 244KB - Virtual size: 244KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 22KB - Virtual size: 41KB

.rsrc
Size: 21KB - Virtual size: 20KB