2025-02-07_0d693fa6577930f3effe9415ed240a39_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2025-02-07_0d693fa6577930f3effe9415ed240a39_icedid
Size

184KB
MD5

0d693fa6577930f3effe9415ed240a39
SHA1

7e7eb075fe16de13a8f2b8416bce39682675fa8c
SHA256

fdbd847b84823380d85b7de1296fb1f93f26348c511abba206b2eef152a2567b
SHA512

805434b1e301bc2ba09f72bc4424b242f769e3ad230fab2400ef85e0df04463390d3d2ae195e701ab33c16c8274f08bd21415f18ab984685c9699e0192bfb038
SSDEEP

3072:gY35A8AJo3yvG6mnXIyehsCglKxWW6EzlN8yqH7KtF+fQeKRZMWYEomzFsH:r5ADJcyvGZXTAsVKUvET8vKtF+fQvcWc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-02-07_0d693fa6577930f3effe9415ed240a39_icedid

Files

2025-02-07_0d693fa6577930f3effe9415ed240a39_icedid
.exe windows:4 windows x86 arch:x86

818de3f339b75cdbf042c23b2c418ae8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrcmpW
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
CloseHandle
WritePrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LocalAlloc
GetCurrentProcess
CreateFileA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
SetErrorMode
GetModuleFileNameA
lstrcatA
SetLastError
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
ReadConsoleInputA
GetCommandLineA
SetConsoleTitleA
GetStdHandle
GetProcessHeap
WaitForMultipleObjects
GetModuleHandleA
GetProcAddress
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WaitForSingleObject
CreateThread
Sleep
ExitThread
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterA
SetConsoleTextAttribute
WriteConsoleA
lstrcpyA
lstrlenA
GetConsoleMode
SetConsoleMode

user32

DestroyMenu
LoadIconA
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
CheckMenuItem
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
SetMenuItemBitmaps
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
PostMessageA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetMenuCheckMarkDimensions
LoadBitmapA
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetWindowTextA
GetWindow
wsprintfA
ShowWindow
ModifyMenuA
EnableMenuItem
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
IsIconic
GetMessagePos

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
CryptAcquireContextA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

ws2_32

connect
gethostbyname
htons
recv
WSAStartup
inet_addr
socket
send

gdi32

DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

oleaut32

VariantChangeType
VariantInit
VariantClear

Exports

Exports

drtffDWEUFEUFUWEGFUYBG

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

818de3f339b75cdbf042c23b2c418ae8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

shlwapi

ws2_32

gdi32

winspool.drv

oleaut32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 60KB - Virtual size: 59KB