2024-10-04_b013cee73cb3eb343ad26d3ef0cf6b86_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-10-04_b013cee73cb3eb343ad26d3ef0cf6b86_icedid
Size

5.8MB
MD5

b013cee73cb3eb343ad26d3ef0cf6b86
SHA1

75c134d12b54bd6f0f6583991e675690a7530f56
SHA256

b6e63039996f2735951c6637397f0f78969870e8d80a90990f7f0ae4b7ab418e
SHA512

e400914d0342b876f955055d134ed24f33933fd45cd60af2cb3ab5cde1b671b88c58fd9e9391d315ea4fecf86e7e517fa5351bbd61078a9328c08c1bee250e42
SSDEEP

98304:CZ+QAhhob7auamUlYBo3FDi7k2KseNu0+KZ:zXVGifFDiw2Uu0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-04_b013cee73cb3eb343ad26d3ef0cf6b86_icedid

Files

2024-10-04_b013cee73cb3eb343ad26d3ef0cf6b86_icedid
.exe windows:4 windows x86 arch:x86

981052a0a870fbdd9d19b7170f6fb8e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSASetLastError
gethostname
WSAStartup
socket
htons
gethostbyname
connect
WSACleanup
closesocket
inet_ntoa
recv
send

kernel32

LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetCurrentDirectoryA
SetErrorMode
SetFilePointer
SetEndOfFile
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
SetFileAttributesA
RtlUnwind
GetDriveTypeA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
SetCurrentDirectoryA
SetEnvironmentVariableA
GetFileType
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapAlloc
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
GetACP
SetStdHandle
SetHandleCount
TlsSetValue
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
GetProfileStringA
LocalFree
FormatMessageA
GetModuleFileNameA
CopyFileA
CreateDirectoryA
GetWindowsDirectoryA
WriteProfileStringA
GetLastError
GetCurrentProcess
GlobalFree
GlobalUnlock
GlobalLock
lstrlenA
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
GlobalFlags
lstrcpynA
lstrcmpA
GetCurrentThread
GetTickCount
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
WritePrivateProfileSectionA
GetSystemDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
MulDiv
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
CreateProcessA
MoveFileA
SetLastError
SetupComm
GetCommState
SetCommState
GetCommTimeouts
SetCommTimeouts
ReadFile
PurgeComm
ClearCommError
WriteFile
FlushFileBuffers
GetExitCodeThread
TerminateThread
CreateThread
CreateFileA
GetFileTime
CloseHandle
SetFileTime
GetModuleHandleA
GetProcAddress
GetVersionExA
GlobalAlloc
LocalAlloc
Sleep
MultiByteToWideChar
GetStdHandle

user32

GetSysColorBrush
LoadStringA
PostThreadMessageA
InvalidateRect
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextA
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
IsWindowEnabled
GetWindowRect
SetForegroundWindow
TranslateMessage
DispatchMessageA
PeekMessageA
EnableWindow
GetDC
ReleaseDC
LoadIconA
LoadBitmapA
HideCaret
GetDlgItem
MessageBoxA
ExitWindowsEx
PtInRect
GetClassNameA
GetMessageA
ValidateRect
GetCursorPos
PostQuitMessage
RegisterClipboardFormatA
DestroyMenu
LoadCursorA
SetCursor
GetDesktopWindow
PostMessageA
UpdateWindow
IsIconic
SendMessageA
GetClientRect
DrawIcon
BeginPaint
EndPaint
GetSystemMetrics
LoadImageA
CopyRect
DrawFocusRect
IsWindowUnicode
CharNextA
InflateRect
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
UnregisterClassA
CreateWindowExA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
SetBkMode
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateFontA
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC
GetStockObject
PatBlt
GetTextExtentPointA
CreateDIBitmap
CreateSolidBrush

comdlg32

PrintDlgA

winspool.drv

GetPrinterDriverDirectoryA
OpenPrinterA
DeletePrinter
ClosePrinter
DocumentPropertiesA

advapi32

OpenServiceA
OpenSCManagerA
RegCloseKey
CloseServiceHandle
DeleteService
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderPathA
ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleUninitialize
OleInitialize
CoCreateInstance
CoRevokeClassObject
OleIsCurrentClipboard
CoFreeUnusedLibraries

Sections

.text
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

981052a0a870fbdd9d19b7170f6fb8e9

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

Sections

.text Size: 224KB - Virtual size: 221KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 76KB - Virtual size: 176KB

.rsrc Size: 5.4MB - Virtual size: 5.4MB

.text
Size: 224KB - Virtual size: 221KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 76KB - Virtual size: 176KB

.rsrc
Size: 5.4MB - Virtual size: 5.4MB