2024-09-14_416112203839b41a67c54d28a54235da_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-14_416112203839b41a67c54d28a54235da_icedid
Size

1.6MB
MD5

416112203839b41a67c54d28a54235da
SHA1

d2be1b3cf11053d6fdc1520cf190ec13e3ce7456
SHA256

9c7d9bd3182dd64aa66fda597828c48556567fab3a7abd12727c07d415b44ae4
SHA512

6179113dc490e131c29333c741bbdb7e41e01ca5ffee45be55ddb34f65b8ef7f67e26ceea38b33ae08d03c04919ea849b0901cea92f3566fb035e5272bd4bb99
SSDEEP

24576:nAiqmQLF0hWZCbGTZaqdiXSp0c02uFG6dAk3HMFLnnma5g:AiYYewGTZaqdwk0c05HGiima5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-14_416112203839b41a67c54d28a54235da_icedid

Files

2024-09-14_416112203839b41a67c54d28a54235da_icedid
.exe windows:4 windows x86 arch:x86

34c65d0684482425e8dc8d1230e9d6b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
MessageBoxA

kernel32

GetVersion
GetVersionExA
VirtualFree
Sleep
GetCurrentProcess
OutputDebugStringA
TerminateProcess
OpenProcess
VirtualProtect
GetCurrentThread
ReadFile
SetFilePointer
VirtualAlloc
GetFileSize
lstrcatA
GetSystemDirectoryA
HeapReAlloc
HeapAlloc
GetProcessHeap
IsBadReadPtr
FreeLibrary
HeapFree
GetModuleFileNameA
RtlUnwind
HeapSize
GetModuleHandleA
IsBadWritePtr
GetStdHandle
WriteFile
WideCharToMultiByte
MultiByteToWideChar
CreateFileA
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLastError
LoadLibraryA
GetProcAddress
GetCurrentProcessId
WritePrivateProfileStringA
WaitForSingleObject
ReleaseMutex
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
OpenMutexA
CreateMutexA
InitializeCriticalSection
CompareStringW
CompareStringA
IsBadCodePtr
SetUnhandledExceptionFilter
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GlobalAlloc
GlobalFree
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
FlushInstructionCache
SetLastError
CreateThread
GetCurrentThreadId
CreateToolhelp32Snapshot
Thread32First
Thread32Next
SuspendThread
ResumeThread
CloseHandle
ExitProcess
SetEnvironmentVariableA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateThread

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

psapi

GetModuleFileNameExW
GetModuleFileNameExA

shlwapi

PathFindFileNameA
PathFindFileNameW
PathFindExtensionW
PathFindExtensionA

ws2_32

ntohl
inet_addr
ioctlsocket
connect
select
WSACleanup
send
recv
gethostbyname
WSAStartup
recvfrom
socket
setsockopt
htons
htonl
bind
closesocket
sendto
gethostname
inet_ntoa
WSAGetLastError

hid

HidD_GetFeature
HidD_FlushQueue
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetProductString
HidD_GetAttributes
HidD_GetHidGuid
HidD_SetFeature

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 446KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 876KB - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XSKey
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34c65d0684482425e8dc8d1230e9d6b5

Headers

File Characteristics

Imports

user32

kernel32

advapi32

psapi

shlwapi

ws2_32

hid

setupapi

Sections

.text Size: 446KB - Virtual size: 445KB

.rdata Size: 876KB - Virtual size: 876KB

.data Size: 60KB - Virtual size: 169KB

.rsrc Size: 32KB - Virtual size: 28KB

.XSKey Size: 260KB - Virtual size: 260KB

.text
Size: 446KB - Virtual size: 445KB

.rdata
Size: 876KB - Virtual size: 876KB

.data
Size: 60KB - Virtual size: 169KB

.rsrc
Size: 32KB - Virtual size: 28KB

.XSKey
Size: 260KB - Virtual size: 260KB