2024-09-21_00d6562d03f9edeb456b3a4c4f7053e0_hijackloader_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-21_00d6562d03f9edeb456b3a4c4f7053e0_hijackloader_icedid
Size

1.4MB
MD5

00d6562d03f9edeb456b3a4c4f7053e0
SHA1

340718c872011139a69fcea9ef72b975129bb1ec
SHA256

f739aaa1a9d47c20da51501ad0753e362197586901388dd03051dd806eea92a8
SHA512

e13cc098c417a0a12e16bd427d5ab11f3a3399f234d8552dbb07299d831c44771c75f9c4d26fd6b1bb254d40d4fdc089365e2888c286129509d01ded8aa3d2e8
SSDEEP

24576:ATjyXRETsAVs6SJ+l2acQim3ZAqbJqEiq:ATeqTsUSJxEHJb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-21_00d6562d03f9edeb456b3a4c4f7053e0_hijackloader_icedid

Files

2024-09-21_00d6562d03f9edeb456b3a4c4f7053e0_hijackloader_icedid
.exe windows:4 windows x86 arch:x86

864293221e733bca5381e565630b05a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
waveOutOpen
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutRestart
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
midiOutUnprepareHeader
waveOutWrite

ws2_32

connect
ioctlsocket
recvfrom
sendto
setsockopt
socket
htonl
bind
htons
recv
closesocket
send
select
WSACleanup
WSAStartup
gethostbyname
inet_ntoa
inet_addr
gethostname
listen
getpeername
accept
WSAGetLastError
WSASetLastError
ntohs
getsockname
__WSAFDIsSet
WSAAsyncSelect
ntohl
shutdown

kernel32

SetFilePointer
GetCurrentProcess
TerminateProcess
SetLastError
GetTimeZoneInformation
GetVersion
ExitThread
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
GetFileTime
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalFree
LocalAlloc
GetCurrentThread
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcmpA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SuspendThread
SetStdHandle
SetThreadPriority
lstrcpynA
GetStartupInfoA
TerminateThread
GetLocalTime
CreateMutexA
ReleaseMutex
GetFileSize
InterlockedIncrement
InterlockedDecrement
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
lstrlenW
RemoveDirectoryA
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
DeleteFileA
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
CreateProcessA
WaitForSingleObject
CloseHandle
GetSystemTime
RaiseException

user32

GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemCount
AdjustWindowRectEx
GetSysColorBrush
LoadStringA
UnregisterClassA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
SetWindowTextA
CharUpperA
GetWindowTextA
FindWindowExA
GetDlgItem
GetClassNameA
GetDesktopWindow
LoadIconA
TranslateMessage
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
SendDlgItemMessageA
GetScrollPos
DefWindowProcA
GetSystemMenu
DeleteMenu
GetMenu
SetMenu
RegisterWindowMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
GetWindowPlacement
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
WaitMessage
RegisterClassA
MapWindowPoints
EndDialog
CreateDialogIndirectParamA
GetWindowDC
GetWindowTextLengthA
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
IsRectEmpty
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
WaitForInputIdle
ScrollWindowEx
IsDialogMessageA
MoveWindow
GetMenuItemID
PeekMessageA
GetCapture

gdi32

LineTo
MoveToEx
ExcludeClipRect
SetWindowOrgEx
SetROP2
SetPolyFillMode
SetBkMode
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
OffsetViewportOrgEx
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
SetMapMode
SetTextColor
RestoreDC
SaveDC
ExtSelectClipRgn
GetViewportExtEx
GetTextMetricsA
CreatePolygonRgn
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
SelectPalette
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
CreatePen
PatBlt
CombineRgn
CreateRectRgn
FillRgn
CreateSolidBrush
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
GetDeviceCaps
GetTextExtentPoint32A
PtVisible
StretchBlt

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

OleRun
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize
CoInitialize
CoUninitialize
CLSIDFromProgID

oleaut32

VariantCopyInd
VariantInit
SysAllocString
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
UnRegisterTypeLi
SysFreeString
SysStringLen
SafeArrayCreateVector
VariantChangeType
VariantClear
VariantCopy
SysAllocStringByteLen
GetErrorInfo

comctl32

ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate

Sections

.text
Size: 900KB - Virtual size: 897KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

864293221e733bca5381e565630b05a1

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 900KB - Virtual size: 897KB

.rdata Size: 336KB - Virtual size: 333KB

.data Size: 140KB - Virtual size: 472KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 900KB - Virtual size: 897KB

.rdata
Size: 336KB - Virtual size: 333KB

.data
Size: 140KB - Virtual size: 472KB

.rsrc
Size: 24KB - Virtual size: 23KB