2024-08-20_d7416ef54a2f7ba4b6fe1a5dfcb2367c_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-20_d7416ef54a2f7ba4b6fe1a5dfcb2367c_icedid
Size

5.7MB
MD5

d7416ef54a2f7ba4b6fe1a5dfcb2367c
SHA1

67e17a664f452d6f9c734c4c1ffb91aad0c7b649
SHA256

83aab5c6660f5adfae9ffc4e236eab18245298a23e5e67170477fb6dea23b629
SHA512

8df79553367cc53be58e68d0b80b696e048e75459e0d8b081dd98af688bad481c53172ccc4dd95e6cb066514d6509c743a854414c1e5aca02f0b2801d8ba0f07
SSDEEP

98304:U6UzVlDePz6sUnZOtXyN8FUoIeLtk38DEX57U44XMIyjN+8n7u6lkbmQp:UDH5oimSom8DKLxzNfna6+tp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-20_d7416ef54a2f7ba4b6fe1a5dfcb2367c_icedid

Files

2024-08-20_d7416ef54a2f7ba4b6fe1a5dfcb2367c_icedid
.exe windows:4 windows x86 arch:x86

fe053de0798d5a3ff6501fd1ca07ce7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\Rec_Source\src\tools\release\setup.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

InitCommonControlsEx

urlmon

URLDownloadToCacheFileA

wininet

DeleteUrlCacheEntry
InternetCanonicalizeUrlA

msi

ord168

shlwapi

StrChrA
StrStrA
SHDeleteKeyA

kernel32

GetVersionExA
SetFilePointer
IsDebuggerPresent
GetSystemTimeAsFileTime
GlobalMemoryStatus
GetSystemInfo
VirtualQuery
GetFileSize
GetFileTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
RaiseException
GetCurrentThreadId
GetCurrentProcessId
GlobalAlloc
GlobalFree
CreateMutexA
GetExitCodeProcess
lstrcpynA
lstrcpyA
GetModuleFileNameA
LoadLibraryA
GetFullPathNameA
FindResourceA
LoadResource
LockResource
SizeofResource
WriteFile
CloseHandle
GetFileAttributesA
FindFirstFileA
FindNextFileA
SetFileAttributesA
RemoveDirectoryA
FindClose
WaitForSingleObject
CopyFileA
GetLocalTime
GetCurrentDirectoryA
CreateProcessA
FreeLibrary
GetEnvironmentVariableA
lstrlenA
CompareStringA
GetTempPathA
SetLastError
GlobalUnlock
GlobalLock
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedDecrement
InterlockedIncrement
GlobalGetAtomNameA
lstrcmpA
GetThreadLocale
GlobalFlags
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
ReadFile
FlushFileBuffers
SetEndOfFile
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetACP
IsValidCodePage
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
Sleep
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
CreateFileA
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetModuleHandleA
GetProcAddress
GetCurrentProcess
lstrcatA
LocalFree
GetSystemDirectoryA
DeleteFileA
FormatMessageA
OutputDebugStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange

user32

MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
PostQuitMessage
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowPos
SetWindowLongA
IsWindow
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetClientRect
PtInRect
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
GetKeyState
ValidateRect
GetWindowTextA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
wsprintfA
wvsprintfA
CharNextA
MsgWaitForMultipleObjects
CreateDialogParamA
SetFocus
ShowWindow
SetForegroundWindow
LoadCursorA
SetCursor
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
DialogBoxParamA
DestroyIcon
SetWindowTextA
SetDlgItemTextA
GetDlgItem
SendMessageA
MoveWindow
LoadIconA
EndDialog
GetWindowRect
SystemParametersInfoA
GetSystemMetrics
LoadStringA
MessageBoxA
ExitWindowsEx
CharPrevA
GetAsyncKeyState
CopyRect
DefWindowProcA
CallWindowProcA
GetClassNameA

advapi32

AllocateAndInitializeSid
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegOpenKeyA
FreeSid
GetUserNameA

shell32

ShellExecuteExA

dbghelp

MiniDumpWriteDump

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetMapMode
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
RectVisible
DeleteDC
PtVisible
GetDeviceCaps
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetStockObject
CreateBitmap
DeleteObject
TextOutA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

oleaut32

VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30.2MB - Virtual size: 30.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe053de0798d5a3ff6501fd1ca07ce7a

Headers

File Characteristics

PDB Paths

Imports

version

comctl32

urlmon

wininet

msi

shlwapi

kernel32

user32

advapi32

shell32

dbghelp

oleacc

gdi32

winspool.drv

oleaut32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 30KB

.rsrc Size: 30.2MB - Virtual size: 30.2MB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 30KB

.rsrc
Size: 30.2MB - Virtual size: 30.2MB