2024-11-22_7392fb8ed0ea7858f51e9f7cfbb4400f_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-11-22_7392fb8ed0ea7858f51e9f7cfbb4400f_icedid
Size

248KB
MD5

7392fb8ed0ea7858f51e9f7cfbb4400f
SHA1

ddbd9308af2cb04197a3db921d39ef27da21d355
SHA256

ac3d79cb933b48ff2b4d855be82d2223d74552e99bc361cad3cb51231d214d5a
SHA512

ec08cf3bc627370bc509ab0faf75223b4eb534ed6392e4a94842733fa132c17e258cf657a3acc16ddebd3810a8b98ff2c403b8023c5ddff3affe2c4b7448b568
SSDEEP

3072:B4pkArp0yocpcIDt+9bADzccj51VvsOQT/5aQr7d9lcPpOiGGaaDVU1RIMvP51D:B4pdrp0UPDtxUkVGRaQmpOZOq1RZvP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-11-22_7392fb8ed0ea7858f51e9f7cfbb4400f_icedid

Files

2024-11-22_7392fb8ed0ea7858f51e9f7cfbb4400f_icedid
.exe windows:4 windows x86 arch:x86

14101a08862ccc22cc65f198dfa62bff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualQuery
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
CloseHandle
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
ExitProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount
InterlockedExchange

user32

LoadCursorA
GetSysColorBrush
wsprintfA
DestroyMenu
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetCursor
PostQuitMessage
WindowFromPoint
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetMenuState
IsWindowEnabled
MoveWindow
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
IsWindow
ShowWindow
IsRectEmpty
PtInRect
InflateRect
OffsetRect
SendMessageA
PostMessageA
GetClientRect
RedrawWindow
SetTimer
KillTimer
GetCapture
SetCapture
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
GetClassInfoExA
GetFocus
GetParent
EnableWindow
GetSysColor
GetCursorPos
SetWindowTextA
ReleaseCapture
DrawIcon
AppendMenuA
GetSystemMenu
IsIconic
LoadIconA
GetSystemMetrics
GetWindow
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect

gdi32

GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePen
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
GetCurrentObject
SetPixel
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14101a08862ccc22cc65f198dfa62bff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 84KB - Virtual size: 83KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 84KB - Virtual size: 83KB