2024-10-14_1bdea0578d375ca773f64b7712fccced_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-14_1bdea0578d375ca773f64b7712fccced_icedid
Size

940KB
MD5

1bdea0578d375ca773f64b7712fccced
SHA1

092df5bf2861396acdeaccf296f73515be0634aa
SHA256

3ecb6d0a6191c869d0546b8d3357e703403a50f01bfb36d92a96b03a9ef8f412
SHA512

d9348301a6e8c803192d84c2ae84e1646bcec74b58c2a5e2d83b2feb4e849e725ec2ccae2a61f254a15fb0b6d62c07b3946f4d6b15f3705da0b69891f9c72b5c
SSDEEP

12288:g90WrtkHJvV0QFkoYlqWFj+diuBh/SDOTpXXAmCQlkDjQLSuc6zTMwDbF:g9/rtkHJd0WkFj8h/WOTp/iBuc6zYgh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-14_1bdea0578d375ca773f64b7712fccced_icedid

Files

2024-10-14_1bdea0578d375ca773f64b7712fccced_icedid
.exe windows:4 windows x86 arch:x86

34c65d0684482425e8dc8d1230e9d6b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
MessageBoxA

kernel32

GetVersion
GetVersionExA
VirtualFree
Sleep
GetCurrentProcess
OutputDebugStringA
TerminateProcess
OpenProcess
VirtualProtect
GetCurrentThread
ReadFile
SetFilePointer
VirtualAlloc
GetFileSize
lstrcatA
GetSystemDirectoryA
HeapReAlloc
HeapAlloc
GetProcessHeap
IsBadReadPtr
FreeLibrary
HeapFree
GetModuleFileNameA
RtlUnwind
HeapSize
GetModuleHandleA
IsBadWritePtr
GetStdHandle
WriteFile
WideCharToMultiByte
MultiByteToWideChar
CreateFileA
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLastError
LoadLibraryA
GetProcAddress
GetCurrentProcessId
WritePrivateProfileStringA
WaitForSingleObject
ReleaseMutex
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
OpenMutexA
CreateMutexA
InitializeCriticalSection
CompareStringW
CompareStringA
IsBadCodePtr
SetUnhandledExceptionFilter
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GlobalAlloc
GlobalFree
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
FlushInstructionCache
SetLastError
CreateThread
GetCurrentThreadId
CreateToolhelp32Snapshot
Thread32First
Thread32Next
SuspendThread
ResumeThread
CloseHandle
ExitProcess
SetEnvironmentVariableA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateThread

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

psapi

GetModuleFileNameExW
GetModuleFileNameExA

shlwapi

PathFindFileNameA
PathFindFileNameW
PathFindExtensionW
PathFindExtensionA

ws2_32

ntohl
inet_addr
ioctlsocket
connect
select
WSACleanup
send
recv
gethostbyname
WSAStartup
recvfrom
socket
setsockopt
htons
htonl
bind
closesocket
sendto
gethostname
inet_ntoa
WSAGetLastError

hid

HidD_GetFeature
HidD_FlushQueue
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetProductString
HidD_GetAttributes
HidD_GetHidGuid
HidD_SetFeature

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

Exports

Exports

??0MetaTrace@@QAE@ABV0@@Z
??4MetaTrace@@QAEAAV0@ABV0@@Z
??_7MetaTrace@@6B@

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XSKey
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34c65d0684482425e8dc8d1230e9d6b5

Headers

File Characteristics

Imports

user32

kernel32

advapi32

psapi

shlwapi

ws2_32

hid

setupapi

Exports

Exports

Sections

.text Size: 408KB - Virtual size: 407KB

.rdata Size: 88KB - Virtual size: 84KB

.data Size: 64KB - Virtual size: 84KB

.rsrc Size: 116KB - Virtual size: 112KB

.XSKey Size: 260KB - Virtual size: 260KB

.text
Size: 408KB - Virtual size: 407KB

.rdata
Size: 88KB - Virtual size: 84KB

.data
Size: 64KB - Virtual size: 84KB

.rsrc
Size: 116KB - Virtual size: 112KB

.XSKey
Size: 260KB - Virtual size: 260KB