2024-08-19_075f4748edd73ada5afff9156ed9fa8f_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-08-19_075f4748edd73ada5afff9156ed9fa8f_icedid
Size

1.3MB
MD5

075f4748edd73ada5afff9156ed9fa8f
SHA1

8b95980a8c361fbcd450f4405941cc1883bb4b39
SHA256

7118ef4622edb0c221259e2cda6898b067dcbf0379aaf6659435c7af88d4cbd1
SHA512

587448a98103b72698d6dec6bd86c87367c9e888eb9cee70fb7a8210c5aa122d550aaafa384f5c12825663c8081a383388dd704693ce3450e29718c5ebd42d22
SSDEEP

12288:GHcbEP++XNzDUMN4i7/cQRfovvZDeknVMJzcnAM/1wj+emt7hV7FcjsRl74rr82+:G84NPDbcmEhVMZMqMtVxFy/6J9DxpI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-19_075f4748edd73ada5afff9156ed9fa8f_icedid

Files

2024-08-19_075f4748edd73ada5afff9156ed9fa8f_icedid
.exe windows:4 windows x86 arch:x86

0ed727d6382cb76c5f07caae3d80f9eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

IpRenewAddress
IpReleaseAddress
GetInterfaceInfo

kernel32

FlushFileBuffers
GetCPInfo
GetOEMCP
GetCommandLineA
GetVersionExA
RtlUnwind
TerminateProcess
RaiseException
HeapSize
GetACP
GetSystemTimeAsFileTime
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
SetFilePointer
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery
InterlockedExchange
GetLocaleInfoA
IsBadCodePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetStdHandle
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
GetCurrentProcess
SetErrorMode
GetProcessVersion
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrcpyA
lstrcatA
WritePrivateProfileStringA
HeapReAlloc
InterlockedDecrement
GlobalFlags
lstrlenA
HeapFree
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LoadLibraryA
GetProcAddress
FreeLibrary
GetStartupInfoA
CreateProcessA
WaitForSingleObject
CreateFileA
WriteFile
CloseHandle
GetModuleFileNameA
Sleep
IsBadReadPtr
FreeEnvironmentStringsW

user32

SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
IsIconic
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
UnregisterClassA
LoadBitmapA
GetMenuState
ModifyMenuA
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
EnableWindow
SetCursor
GetWindowPlacement
SendMessageA
PostMessageA
PostQuitMessage
wsprintfA
GetSystemMetrics
MessageBoxA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetClassNameA

gdi32

DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 852KB - Virtual size: 866KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ed727d6382cb76c5f07caae3d80f9eb

Headers

File Characteristics

Imports

iphlpapi

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 852KB - Virtual size: 866KB

.rsrc Size: 364KB - Virtual size: 363KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 852KB - Virtual size: 866KB

.rsrc
Size: 364KB - Virtual size: 363KB