Static task: static1
Behavioral task: behavioral1
Sample: 2024-08-29_c645ab5660628ce82cfbaffff3efecfe_hacktools_icedid.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2024-08-29_c645ab5660628ce82cfbaffff3efecfe_hacktools_icedid.exe
Resource: win10v2004-20240802-en
General
Target: 2024-08-29_c645ab5660628ce82cfbaffff3efecfe_hacktools_icedid
Size: 8.4MB
MD5: c645ab5660628ce82cfbaffff3efecfe
SHA1: d4d99a7191210d1855b1e77a81060dff4dda029c
SHA256: 23ec08977f5562f11b802f4c5818f920650af3272b3c4af5e319f5fd5f97c4cf
SHA512: 62dcc9e898e533ca2bcc905eecc4664689361c06951435079fedcbd16c7403ae954fa041428ff447b9c8feae7ddd3771a9da67677f0be88fcbadf3a01db66ab0
SSDEEP: 98304:IOHivPm9YvWUPwcdGnElCjVsYVbsHZaPNE7Kf4Baf://GUxnElCjVsYVbsHZaPNEDs
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-08-29_c645ab5660628ce82cfbaffff3efecfe_hacktools_icedid
Files
2024-08-29_c645ab5660628ce82cfbaffff3efecfe_hacktools_icedid.exe windows:4 windows x86 arch:x86
ac0df19add4ff8a7ee4cd0cc2c455e76
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
UnhookWindowsHookEx
UnregisterClassA
PtInRect
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
GetWindowTextA
GetMenuItemCount
TabbedTextOutA
DrawTextA
GrayStringA
SetWindowsHookExA
SetWindowPos
SetFocus
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessageTime
DefWindowProcA
RemovePropA
GetClassLongA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetLastActivePopup
IsWindowEnabled
SetCursor
PostMessageA
PostQuitMessage
GetSysColorBrush
DestroyMenu
EmptyClipboard
GetDlgItem
LoadCursorA
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
GetCursorPos
GetSystemMetrics
wsprintfA
MessageBoxA
EnableWindow
TrackMouseEvent
CallWindowProcA
ShowWindow
IsWindow
GetWindowLongA
GetClassNameA
EnumWindows
GetAncestor
SendMessageA
EnumChildWindows
CreateWindowExA
ReleaseDC
UpdateLayeredWindow
GetDC
GetWindowRect
SetWindowLongA
GetPropA
GetMessagePos
SetPropA
LoadIconA
GetParent
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetClientRect
LoadStringA
GetSysColorBrush
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
RegisterClassA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
RegisterWindowMessageA
GetWindowPlacement
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetWindowTextLengthA
CharUpperA
UnregisterClassA
GetNextDlgTabItem
WaitForInputIdle
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
ReleaseDC
ScrollDC
IsRectEmpty
InvertRect
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
SetRect
InflateRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
KillTimer
WinHelpA
LoadBitmapA
CopyRect
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetMenu
DefWindowProcA
GetClassInfoA
DeleteMenu
GetSystemMenu
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
LoadIconA
TranslateMessage
SystemParametersInfoA
GetDesktopWindow
GetClassNameA
GetWindowThreadProcessId
FindWindowA
GetDlgItem
FindWindowExA
GetWindowTextA
GetForegroundWindow
ExitWindowsEx
GetMenuState
GetMenuItemID
GetMenuItemCount
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetWindowTextA
LoadStringA
CopyIcon
GetIconInfo
CreateIconIndirect
gdi32
RectVisible
SaveDC
DeleteDC
GetStockObject
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetBkColor
CreateCompatibleDC
CreateDIBSection
SelectObject
SetViewportExtEx
SetViewportOrgEx
CreateBitmap
GetDeviceCaps
PtVisible
DeleteObject
TextOutA
ExtTextOutA
Escape
GetObjectA
OffsetViewportOrgEx
RestoreDC
SetMapMode
SetTextColor
CreateBrushIndirect
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
CreateHatchBrush
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
Pie
Chord
Arc
Polygon
GetTextExtentPoint32A
GetDeviceCaps
CreateBitmap
CreatePatternBrush
SelectObject
SetPixelV
PatBlt
FillRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
GetPixel
GetDIBits
CreateCompatibleDC
CreatePen
Escape
ExtTextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
SetDIBitsToDevice
SetBkMode
TextOutA
MoveToEx
LineTo
SetTextColor
GetTextMetricsA
OffsetRgn
FrameRgn
SetBkColor
CreateRectRgnIndirect
CreateDIBSection
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
kernel32
FlushFileBuffers
GetFileType
GetStartupInfoA
FreeLibrary
LCMapStringA
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
IsBadCodePtr
IsBadWritePtr
GetStringTypeW
GetStringTypeA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
SetFilePointer
GetCurrentProcess
GetProcessVersion
GlobalAddAtomA
GlobalFindAtomA
GetLastError
SetLastError
InterlockedIncrement
WritePrivateProfileStringA
GlobalFlags
GetVersion
lstrlenA
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GlobalUnlock
WriteFile
GetTempPathA
GetTickCount
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetPrivateProfileStringA
GetModuleFileNameA
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetProcessHeap
WideCharToMultiByte
lstrlenW
VirtualAlloc
MultiByteToWideChar
GetProcAddress
LoadLibraryA
LocalSize
MapViewOfFile
CreateFileMappingA
GetModuleHandleA
GlobalFree
GlobalLock
GlobalAlloc
RtlMoveMemory
GetCPInfo
GetOEMCP
GetCommandLineA
RtlUnwind
TerminateProcess
RaiseException
HeapSize
GetACP
SetHandleCount
GetStdHandle
GlobalGetAtomNameA
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileTime
GetCurrentThread
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
GetStartupInfoA
RtlUnwind
GetSystemTime
GetLocalTime
RaiseException
ExitThread
GetFileType
HeapSize
GetACP
SetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetCurrentProcessId
CompareStringA
CompareStringW
IsBadReadPtr
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
FileTimeToLocalFileTime
InterlockedDecrement
InterlockedIncrement
FileTimeToSystemTime
FlushViewOfFile
lstrcpynA
lstrcmpiA
lstrcmpA
IsDBCSLeadByte
FormatMessageA
UnmapViewOfFile
TerminateThread
LocalFree
CreateFileMappingA
MapViewOfFile
Beep
WideCharToMultiByte
SetSystemPowerState
GetVersion
GetTimeZoneInformation
QueryPerformanceCounter
QueryPerformanceFrequency
SetLastError
MultiByteToWideChar
GetSystemDirectoryA
LoadLibraryExA
GetWindowsDirectoryA
OpenProcess
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
DeviceIoControl
InterlockedExchange
SetEvent
FindResourceA
IsBadCodePtr
LoadResource
LockResource
RemoveDirectoryA
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
CloseHandle
WaitForSingleObject
CreateProcessA
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
DeleteFileA
GetFileAttributesA
SetFileAttributesA
FindClose
FindFirstFileA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
ExpandEnvironmentStringsA
Sleep
CreateEventA
CreateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
lstrlenW
lstrlenA
LoadLibraryA
FreeLibrary
GetFullPathNameA
GetUserDefaultLCID
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
WinExec
lstrcatA
InitializeCriticalSection
DeleteCriticalSection
GlobalFree
GlobalSize
ole32
CLSIDFromString
OleUninitialize
OleInitialize
CLSIDFromProgID
OleRun
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CoCreateInstance
gdiplus
GdipSetSolidFillColor
GdipDeletePen
GdipLoadImageFromStream
GdipDisposeImage
GdipCreateFromHDC
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipGetImageWidth
GdipGetImageHeight
GdipLoadImageFromFile
GdipSetTextRenderingHint
GdipDeleteBrush
GdipGetImageEncoders
GdiplusStartup
GdipCreateSolidFill
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipDrawRectangleI
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetCompositionStringA
ImmGetContext
shell32
SHAppBarMessage
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA
ShellExecuteA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
OpenProcessToken
comctl32
ord17
ImageList_Write
ImageList_Read
ImageList_Create
ImageList_Destroy
ord17
_TrackMouseEvent
ImageList_AddMasked
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_Duplicate
shlwapi
PathFileExistsA
winmm
PlaySoundA
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
PlaySoundA
iphlpapi
GetAdaptersInfo
ws2_32
accept
getsockname
ntohs
__WSAFDIsSet
WSAGetLastError
getpeername
listen
recv
connect
ioctlsocket
recvfrom
sendto
socket
htonl
bind
htons
WSAAsyncSelect
closesocket
send
select
WSACleanup
WSAStartup
gethostbyname
inet_ntoa
inet_addr
gethostname
msvfw32
DrawDibDraw
avifil32
AVIStreamInfoA
AVIStreamGetFrame
rasapi32
RasGetConnectStatusA
RasHangUpA
comdlg32
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
oleaut32
UnRegisterTypeLi
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VariantClear
SysAllocString
VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
wininet
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetConnectA
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.4MB - Virtual size: 4.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 672KB - Virtual size: 1022KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 188KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ