2024-08-23_a935bb3143363c1e83dbb323f42b66f0_icedid_sakula

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-23_a935bb3143363c1e83dbb323f42b66f0_icedid_sakula
Size

22.7MB
MD5

a935bb3143363c1e83dbb323f42b66f0
SHA1

36ef334a751d3a86933ad771119f72e221ff2244
SHA256

e3a2778322ac4ddfbf4a9b2cb7d9921e996f857ecc50344b6248cf2e5394c756
SHA512

3b13723267f640c5b5eb4ef961aa323e314b7f120491113286662ef05bf057dd8bc302c4cd0260f48d2dbf60d2aaa84339ab13e7cc252e913b3f8f484c64c748
SSDEEP

196608:Rc1aN0ECig1IFnEplmOXKh8mY8J4V+mPKSJAMr3jv4xHlZoA/iRYvWHQ:sOhCcFkjXLWiV+mSSCMToHluOX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-23_a935bb3143363c1e83dbb323f42b66f0_icedid_sakula

Files

2024-08-23_a935bb3143363c1e83dbb323f42b66f0_icedid_sakula
.exe windows:4 windows x86 arch:x86

15d49e99e7af2789a2be81fc9267e2bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA
AVIStreamGetFrame

winmm

waveOutPrepareHeader
PlaySoundA
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
waveOutWrite
waveOutPause
waveOutRestart
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
waveOutUnprepareHeader
midiOutPrepareHeader

ws2_32

inet_ntoa
WSACleanup
closesocket
WSAAsyncSelect
recvfrom
ioctlsocket
recv
getpeername
accept
ntohl

kernel32

TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetCurrentThread
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
GetPrivateProfileIntA
GetTempFileNameA
GetStartupInfoA
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
GetTimeFormatA
GetDateFormatA
HeapSize
GetACP
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetCurrentProcessId
GetSystemTimeAsFileTime
IsDebuggerPresent
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
VirtualQuery
CompareStringA
CompareStringW
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsDBCSLeadByte
GetLocalTime
GlobalDeleteAtom
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
InterlockedDecrement
InterlockedIncrement
SuspendThread
TerminateThread
ReleaseMutex
CreateMutexA
GetVersion
GetLocaleInfoA
GetTimeZoneInformation
QueryPerformanceCounter
SetLastError
GlobalHandle
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
lstrlenW
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathA
FindFirstFileA
FindClose
GetFileAttributesA
MoveFileA
DeleteFileA
CopyFileA
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceA
MulDiv
GetCommandLineA
GetTickCount
CreateProcessA
WaitForSingleObject
CloseHandle
TlsAlloc
GlobalFindAtomA
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GetProfileIntA
FindResourceExA
lstrcpyW
LocalAlloc

user32

GetTabbedTextExtentA
wvsprintfA
ShowOwnedPopups
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
CharUpperA
GetWindowTextLengthA
HideCaret
GetSysColorBrush
GetWindowTextA
GetDlgItem
FindWindowA
keybd_event
GetClassNameA
GetDesktopWindow
VkKeyScanExA
GetKeyboardLayout
GetNextDlgTabItem
UnionRect
LoadIconA
TranslateMessage
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
LoadStringA
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
DefWindowProcA
GetSystemMenu
DeleteMenu
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ReleaseDC
InsertMenuA
GetMenuStringA
RemoveMenu
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
ClipCursor
DestroyCaret
ShowCaret
IsChild
TrackPopupMenu
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
LockWindowUpdate
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBeep
MessageBoxA
GetCursorPos
GetSystemMetrics
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
WaitForInputIdle
GetAsyncKeyState
MapDialogRect
InSendMessage
UnregisterClassA
GetDCEx
GetCaretPos
SetCaretPos
CreateCaret
GetDlgCtrlID
SystemParametersInfoA

gdi32

BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
SetPixelV
PolyBezierTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
EndPath
Escape
GetDeviceCaps
GetTextMetricsA
GetMapMode
SetRectRgn
GetCharWidthA
CopyMetaFileA
AbortDoc
SetAbortProc
EnumFontFamiliesA
CreateICA
PtInRegion
RectInRegion
CreateEllipticRgnIndirect
Polyline
DeleteEnhMetaFile
SetWinMetaFileBits
PlayEnhMetaFile
SetEnhMetaFileBits
GetEnhMetaFileBits
FrameRgn
CloseFigure
GetPath
StrokeAndFillPath
OffsetRgn
SetPolyFillMode
RestoreDC
SaveDC
PathToRegion
CreateEllipticRgn
DeleteMetaFile
CloseMetaFile
GetTextAlign
GetNearestColor
GetTextFaceA
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
CreateHatchBrush
CreateBitmap
CreatePatternBrush
CreateCompatibleDC
BitBlt
StartPage
StartDocA
DeleteDC
EndDoc
EndPage
GetObjectA
GetStockObject
CreateFontIndirectA
CreateSolidBrush
SelectObject
ExtTextOutA
CreatePen
GetTextExtentPoint32A
FillRgn
Polygon
Arc
Chord
CreateRectRgn
Pie
RoundRect
GetCurrentObject
DPtoLP
LPtoDP
Rectangle
CombineRgn
Ellipse
PatBlt
EnumFontFamiliesExA
CreateFontA
SetDIBitsToDevice
StretchDIBits
SetTextColor
SetBkMode
TextOutA
SetBkColor
CreateRectRgnIndirect
CreateDIBSection
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
SetROP2

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

comdlg32

GetOpenFileNameA
CommDlgExtendedError
ChooseFontA
ChooseColorA
GetSaveFileNameA
PrintDlgA
GetFileTitleA

advapi32

SetFileSecurityA
RegSetValueA
RegCreateKeyExA
RegOpenKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetFileSecurityA

shell32

DragQueryFileA
Shell_NotifyIconA
ExtractIconA
DragFinish
SHGetFileInfoA
ShellExecuteA

ole32

OleSetMenuDescriptor
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoUninitialize
CoInitialize
CoGetClassObject
OleSetClipboard
CreateFileMoniker
CoLockObjectExternal
OleQueryCreateFromData
OleGetClipboard
CreateGenericComposite
CreateItemMoniker
OleSaveToStream
WriteClassStm
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSave
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateFromData
OleSetContainedObject
OleLockRunning
OleRun
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromString
OleUninitialize
OleInitialize
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CoDisconnectObject
OleIsRunning
OleLoad
OleConvertOLESTREAMToIStorage
OleGetIconOfClass

oleaut32

VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
VariantClear
VariantCopy
UnRegisterTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
SysAllocString

odbc32

ord18
ord44
ord3
ord54
ord68
ord72
ord4
ord48
ord49
ord20
ord17
ord59
ord8
ord19
ord46
ord12
ord43
ord41
ord2
ord1
ord50
ord45
ord51
ord15
ord9
ord14
ord11
ord13
ord16
ord5
ord10

comctl32

CreatePropertySheetPageA
PropertySheetA
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Read
ImageList_Duplicate
DestroyPropertySheetPage

wininet

InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
FtpGetFileA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

imm32

ImmGetContext
ImmGetCompositionStringA
ImmNotifyIME
ImmReleaseContext
ImmSetCompositionWindow

wldap32

ord29

oledlg

ord11
ord4
ord3

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20.4MB - Virtual size: 20.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 513KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15d49e99e7af2789a2be81fc9267e2bd

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

odbc32

comctl32

wininet

imm32

wldap32

oledlg

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 20.4MB - Virtual size: 20.4MB

.data Size: 156KB - Virtual size: 513KB

.rsrc Size: 80KB - Virtual size: 76KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 20.4MB - Virtual size: 20.4MB

.data
Size: 156KB - Virtual size: 513KB

.rsrc
Size: 80KB - Virtual size: 76KB