2024-10-03_3ade15ed1fa655ed556b22fb3144e41d_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-03_3ade15ed1fa655ed556b22fb3144e41d_icedid
Size

517KB
MD5

3ade15ed1fa655ed556b22fb3144e41d
SHA1

5660155daf0b94d2ece2cedbd48854422ae168a9
SHA256

34eaff7ff579303f632f5c41ec7f3f32b1181c076b203ee7692a0dbd3585bbc4
SHA512

6589eb71070b2155021b7d218e85d6f69b3ab7977b44d42123287311d39174fa00b573fb4d1d2d00725ba051ae80c462b9fe1a3761d1f125e7c481fb3b9aed1b
SSDEEP

6144:agejIXblzXaVZL4X5i6QXrLZMQaxMLgQbDGphG4jG4AfLQgROSeDprb:agptaV54I6K/ZMJMnGptmjp8DRb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-03_3ade15ed1fa655ed556b22fb3144e41d_icedid

Files

2024-10-03_3ade15ed1fa655ed556b22fb3144e41d_icedid
.exe windows:4 windows x86 arch:x86

46807aa5185a2d49f0990f54e5999f32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalLock
GlobalUnlock
GetCommandLineW
Sleep
ExitProcess
GlobalAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeA
GetOEMCP
GetTimeZoneInformation
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
GlobalDeleteAtom
GetCurrentThreadId
GetCurrentThread
CloseHandle
LocalFree
MulDiv
GlobalFree
GetLastError
FreeResource
GetVersionExA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalReAlloc
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
SetErrorMode
GetTickCount
RtlUnwind
HeapFree
TerminateProcess
HeapAlloc
HeapReAlloc

user32

GetFocus
SetMenuItemBitmaps
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetDlgItem
SetWindowPos
MapDialogRect
SetWindowContextHelpId
GetWindow
CopyRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
GetDlgCtrlID
EqualRect
AdjustWindowRectEx
GetSysColor
GetMenu
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
GetActiveWindow
GetLastActivePopup
GetForegroundWindow
IsChild
SetFocus
IsWindow
SendDlgItemMessageA
GetCapture
EndDialog
IsWindowEnabled
MoveWindow
ShowWindow
GetDC
ReleaseDC
GetMenuState
GetWindowDC
BeginPaint
EndPaint
DestroyMenu
GetSysColorBrush
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
IsWindowVisible
GetKeyState
SetTimer
DrawIcon
GetSystemMenu
IsIconic
GetWindowRect
GetClientRect
ScreenToClient
RedrawWindow
KillTimer
SetActiveWindow
GetSystemMetrics
MessageBeep
GetCursorPos
DestroyCursor
PtInRect
SetRect
SetRectEmpty
InflateRect
OffsetRect
UpdateWindow
InvalidateRect
SetCapture
GetParent
SetCursor
ReleaseCapture
CreateCursor
GetDesktopWindow
GetNextDlgTabItem
ValidateRect
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
CallNextHookEx
ClientToScreen
TranslateMessage
PostQuitMessage

gdi32

SetMapMode
GetMapMode
GetRgnBox
GetTextColor
GetStockObject
DeleteDC
ExtSelectClipRgn
CreatePen
Rectangle
CreateSolidBrush
CreateCompatibleDC
BitBlt
GetPixel
ScaleWindowExtEx
SetWindowExtEx
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
GetBkColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject

shell32

CommandLineToArgvW

quartz

AMGetErrorTextW

comctl32

ImageList_Create
ImageList_Destroy
ord17
ImageList_AddMasked

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

ole32

CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoInitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoCreateInstance
CoGetClassObject
CoTaskMemFree

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
VariantChangeType
SysStringLen
SysFreeString
VariantClear
VariantInit
SysAllocStringLen

advapi32

RegCloseKey

winspool.drv

ClosePrinter

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46807aa5185a2d49f0990f54e5999f32

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

quartz

comctl32

shlwapi

ole32

oleaut32

advapi32

winspool.drv

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 216KB - Virtual size: 216KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 216KB - Virtual size: 216KB