Sample: 2025-02-18_be3d4313224a000c4f98d7368d9b1dce_icedid.exe
Resource: win7-20241010-en
General
Target: 2025-02-18_be3d4313224a000c4f98d7368d9b1dce_icedid
Size: 3.1MB
MD5: be3d4313224a000c4f98d7368d9b1dce
SHA1: 39d01996c6f6f58b632ef8349e85cd654407781b
SHA256: 5cd4702118c829844f1c7df478873aa665065a2ca294967ea7897220053f9280
SHA512: 4bef82cdebc86bac32da48ce67ccd5b2c8d15df243e2f95d7478307dba505539a7db1173a0831ff04b5ba12b4970c4f1d24a9df19b61bdffb91fc89fd2d2ddfe
SSDEEP: 24576:tiavoBsWMh+WRL1jO/tM04HZMjQCFdoh+x0k152Hn/vM/vyi7uVo6CoG2km45ux8:6wJRkXewos2igH/vQyNvsETCtEw
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2025-02-18_be3d4313224a000c4f98d7368d9b1dce_icedid
Files
2025-02-18_be3d4313224a000c4f98d7368d9b1dce_icedid.exe windows:4 windows x86 arch:x86
5e2c962e6a57d318cf9c65ba37548e0c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SystemTimeToFileTime
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
FileTimeToSystemTime
TlsFree
InterlockedIncrement
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetErrorMode
GetTickCount
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
RtlUnwind
HeapReAlloc
CreateThread
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetOEMCP
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsBadReadPtr
IsBadCodePtr
LCMapStringA
SetStdHandle
SetEnvironmentVariableA
IsProcessorFeaturePresent
QueryPerformanceFrequency
LocalFree
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
GetFileTime
SetFileTime
SetEvent
WaitForSingleObject
SetThreadPriority
CloseHandle
GetCurrentThread
GlobalAlloc
lstrcmpA
lstrcmpiA
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
MulDiv
GetCurrentThreadId
GlobalDeleteAtom
lstrlenA
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
Sleep
FindFirstFileA
FindNextFileA
CreateFileA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GetFullPathNameA
SetLastError
GetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
FreeLibrary
LoadResource
LockResource
SizeofResource
RaiseException
GetCommandLineW
GetThreadLocale
GetLocaleInfoA
GetACP
LocalReAlloc
InterlockedExchange
user32
CreateMenu
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
ShowCursor
CallNextHookEx
SendDlgItemMessageA
GetFocus
IsChild
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
IsWindowVisible
DestroyIcon
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetSystemMenu
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
GetScrollPos
SetScrollPos
GetWindow
SetFocus
GetActiveWindow
SetActiveWindow
GetSystemMetrics
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
InflateRect
RemoveMenu
GetSysColorBrush
GetMenu
SetParent
DeleteMenu
IsZoomed
UnpackDDElParam
ReuseDDElParam
CreatePopupMenu
SetRectEmpty
SetMenu
RedrawWindow
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
WindowFromPoint
ReleaseCapture
SetCapture
KillTimer
SetTimer
SetWindowRgn
DrawIcon
IsRectEmpty
DestroyCursor
SetRect
DestroyMenu
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
SetCursor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetCapture
ClientToScreen
GetWindowRect
GetDesktopWindow
PtInRect
FillRect
UpdateWindow
GetForegroundWindow
SetMenuItemBitmaps
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
PostQuitMessage
MessageBoxA
InvalidateRect
MessageBeep
GetClientRect
EqualRect
GetDC
gdi32
SelectClipRgn
CreateRectRgn
GetViewportExtEx
DeleteObject
Rectangle
CreatePen
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
CreateDIBSection
GetWindowOrgEx
GetTextExtentPoint32A
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
RestoreDC
GetNearestColor
CombineRgn
SetRectRgn
CreateRectRgnIndirect
StretchDIBits
CreateCompatibleBitmap
Ellipse
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
PatBlt
DPtoLP
GetViewportOrgEx
CreateSolidBrush
GetDeviceCaps
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetBkColor
GetClipBox
shell32
DragFinish
CommandLineToArgvW
ole32
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoUninitialize
CoCreateInstance
CoInitialize
oleaut32
VariantClear
VariantChangeType
SysAllocStringLen
VariantInit
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
advapi32
RegCloseKey
GetFileSecurityW
RegQueryValueExA
RegOpenKeyA
SetFileSecurityW
comdlg32
CommDlgExtendedError
winmm
timeGetTime
winspool.drv
ClosePrinter
oleacc
CreateStdAccessibleObject
LresultFromObject
comctl32
ord17
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Draw
wsock32
htonl
inet_ntoa
socket
send
setsockopt
htons
WSACleanup
recvfrom
listen
accept
sendto
bind
WSAStartup
shutdown
connect
gethostbyname
ioctlsocket
closesocket
recv
d3d9
Direct3DCreate9
dinput8
DirectInput8Create
dsound
ord11
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 236KB - Virtual size: 235KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 548KB - Virtual size: 601KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE