2024-09-01_5c65f9c25649af7b36a8bf0df488aa2e_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-01_5c65f9c25649af7b36a8bf0df488aa2e_icedid
Size

1.4MB
MD5

5c65f9c25649af7b36a8bf0df488aa2e
SHA1

4815a1f4a3ecb2a352f1b64a968941dfb27789a4
SHA256

1a7619593963e971f85f7fe7abdba6fc7e692c156073bf2f114cdfe21d51820a
SHA512

50b911ff192e3ef340637f6358747ede3b50f5b63c0360b245bf02c248b7bc31e2ca7937d7826b7916d09e8093b748d2079036c1ba14582858f4e02d06cf621c
SSDEEP

24576:q9J6lyd6J0B2IiAKJYjfhSMJqTfoPNseMwV:q9Jeyd++d7hDcg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-01_5c65f9c25649af7b36a8bf0df488aa2e_icedid

Files

2024-09-01_5c65f9c25649af7b36a8bf0df488aa2e_icedid
.exe windows:4 windows x86 arch:x86

fe74041d83fe4a7a2bbe9c92fbdfe228

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
InterlockedDecrement
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetModuleFileNameA
lstrcmpA
GlobalAlloc
GetCurrentThread
CloseHandle
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
LocalFree
FormatMessageA
lstrcmpW
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
lstrcpynA
GlobalFree
FreeResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
GetComputerNameA
GetProfileIntA
Sleep
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
wsprintfA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
CharNextA
IsRectEmpty
CopyAcceleratorTableA
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
UnregisterClassA
GetSysColor
EndPaint
BeginPaint
GetWindowDC
LoadBitmapA
EnableWindow
LoadIconA
GetSystemMetrics
DefWindowProcA
PtInRect
SetRect
FillRect
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetClientRect
GetDC
ReleaseDC
InvalidateRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetTimer
KillTimer
LoadCursorA
SetCursor
GetKeyState
CharUpperA
GetMenuItemID
GetSubMenu
LoadMenuA
SendMessageA
TrackPopupMenu
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
DrawStateA
CopyRect
InflateRect
GetWindowTextA
DrawFocusRect
GetMenuItemCount
EqualRect

gdi32

GetDeviceCaps
CreateRectRgnIndirect
GetMapMode
RestoreDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
GetClipBox
LineTo
MoveToEx
DeleteObject
GetObjectA
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreatePen
CreateCompatibleDC
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateSolidBrush
CreateFontA
GetTextExtentPoint32A
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetStockObject
CreateBitmap
DeleteDC
ExtSelectClipRgn
SetWindowExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
GetRgnBox
SaveDC

shell32

Shell_NotifyIconA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

winmm

sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyA

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoRevokeClassObject
OleUninitialize
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard

oleaut32

SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe74041d83fe4a7a2bbe9c92fbdfe228

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

shlwapi

oledlg

winmm

oleacc

winspool.drv

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB