2024-09-03_b0aa7acd8c334d4a64eec6cc8b679d6d_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-03_b0aa7acd8c334d4a64eec6cc8b679d6d_icedid
Size

1.3MB
MD5

b0aa7acd8c334d4a64eec6cc8b679d6d
SHA1

0a9f8681b06d289ecc88d88d7d56b675d6054553
SHA256

473290e4e032954038c26091fa0a80b54095ade34151335b141901388910badd
SHA512

19d56b2f42bd41ff9a76692a422008a2a2119ae3a863ec702bb681c99d015b0667568fe621448cb14bc0cf160b99d73946d0eed12ccee0eb5324fa5df8f1b493
SSDEEP

12288:erlmRj3oi/1iPEW9dhDsphEup6DlzQQlPBHKacPgJhLgv1zN28:0mtYLPEShDSiup65lAgJhS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-03_b0aa7acd8c334d4a64eec6cc8b679d6d_icedid

Files

2024-09-03_b0aa7acd8c334d4a64eec6cc8b679d6d_icedid
.exe windows:4 windows x86 arch:x86

f089558381d29fa5d88397806f7d0221

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
InterlockedDecrement
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetModuleFileNameA
lstrcmpA
GlobalAlloc
GetCurrentThread
CloseHandle
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
LocalFree
FormatMessageA
lstrcatA
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
lstrcmpW
lstrcpynA
GlobalFree
FreeResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
GetComputerNameA
GetProfileIntA
Sleep
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
wsprintfA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
CharNextA
IsRectEmpty
CopyAcceleratorTableA
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
GetMenuItemCount
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
UnregisterClassA
GetSysColor
EndPaint
BeginPaint
LoadBitmapA
EnableWindow
LoadIconA
GetSystemMetrics
DefWindowProcA
PtInRect
SetRect
FillRect
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetClientRect
GetDC
ReleaseDC
InvalidateRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetTimer
KillTimer
LoadCursorA
SetCursor
CharUpperA
GetMenuItemID
GetSubMenu
LoadMenuA
SendMessageA
TrackPopupMenu
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
DrawStateA
CopyRect
InflateRect
GetWindowTextA
DrawFocusRect
PostMessageA
EqualRect

gdi32

GetDeviceCaps
CreateRectRgnIndirect
GetMapMode
RestoreDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
GetClipBox
LineTo
MoveToEx
DeleteObject
GetObjectA
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
CreatePen
CreateCompatibleDC
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateSolidBrush
CreateFontA
RoundRect
GetTextExtentPoint32A
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetStockObject
CreateBitmap
DeleteDC
SetWindowExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
SaveDC

shell32

Shell_NotifyIconA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oledlg

ord8

winmm

sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyA

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoRevokeClassObject
OleUninitialize
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard

oleaut32

SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f089558381d29fa5d88397806f7d0221

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

shlwapi

oledlg

winmm

oleacc

winspool.drv

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB