Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-18_bfab09e2efef31d9ae9387e39b520f76_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-18_bfab09e2efef31d9ae9387e39b520f76_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-01-18_bfab09e2efef31d9ae9387e39b520f76_icedid
Size: 1.5MB
MD5: bfab09e2efef31d9ae9387e39b520f76
SHA1: e3b46db239d45db0e4369d8c8fd887a564137997
SHA256: 2ad18b62cd4b183525dc9f873b573eb933f3526e6f87c17b66fd8359b996c134
SHA512: d7732967b194885bd052a20d0bd78468707a62014ad7c02d11cf34baef05ce15665dfd9a567ea39bbaadaf1f8c41a30760a510ddf592649a167cdd877aa08ab8
SSDEEP: 24576:oe3tsclD7Uc9xIZBqHj2PQyJ4pTI0VWniTzEWwC9/E:r3jhU6x8qDQHJ4pc8eSzEWJ9/E
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-01-18_bfab09e2efef31d9ae9387e39b520f76_icedid
Files
2024-01-18_bfab09e2efef31d9ae9387e39b520f76_icedid.exe (windows:4 windows x86 arch:x86)
9e15ebfc369d6bb00842cc6beb884c1b
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_NET_RUN_FROM_SWAP
Imports
imm32
ImmSetCompositionWindow
ImmIsIME
ImmGetContext
ImmReleaseContext
kernel32
HeapDestroy
HeapCreate
IsBadWritePtr
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetUnhandledExceptionFilter
HeapSize
GetFileType
SetStdHandle
HeapReAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
UnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualProtect
HeapFree
HeapAlloc
ExitThread
RtlUnwind
GetDriveTypeA
LocalFileTimeToFileTime
GetShortPathNameA
GetVolumeInformationA
UnlockFile
LockFile
FlushFileBuffers
GetOEMCP
GetCPInfo
SystemTimeToFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetFullPathNameA
GetFileTime
SetFileTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpW
GetProfileIntA
GlobalSize
RaiseException
LocalFree
GetStringTypeExA
CompareStringW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
GetWindowsDirectoryA
WinExec
FormatMessageA
LocalAlloc
FindNextFileA
SetEndOfFile
CreateDirectoryA
CopyFileA
SetFilePointer
GetFileSize
InterlockedExchangeAdd
InterlockedDecrement
InterlockedIncrement
lstrcpynA
lstrcmpA
MultiByteToWideChar
DuplicateHandle
CreateThread
GetLastError
GetCurrentProcess
GlobalFree
TerminateProcess
CompareStringA
GetModuleHandleA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetLastError
GetTickCount
GetVersion
FreeLibrary
SetEnvironmentVariableA
MulDiv
lstrlenW
GetEnvironmentVariableA
SearchPathA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
WaitForSingleObject
Sleep
ResetEvent
SetEvent
CreateEventA
GetProcAddress
SetErrorMode
LoadLibraryA
lstrcmpiA
GlobalAlloc
GetDateFormatA
GetTimeFormatA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalLock
GlobalUnlock
ReadFile
lstrcpyA
lstrcatA
GetFileAttributesA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
MoveFileA
FindFirstFileA
DeleteFileA
FindClose
OutputDebugStringA
GetComputerNameA
GetLocalTime
GetModuleFileNameA
lstrlenA
LCMapStringA
GetStringTypeW
GetCurrentDirectoryA
GetStringTypeA
QueryPerformanceCounter
user32
LockWindowUpdate
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
CharNextA
InvalidateRgn
GetNextDlgGroupItem
InsertMenuItemA
BringWindowToTop
ScrollWindowEx
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
WinHelpA
GetClassInfoExA
SendDlgItemMessageA
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollRange
GetScrollRange
GetScrollPos
ShowScrollBar
RegisterClassA
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
AdjustWindowRectEx
SetMenuItemBitmaps
CheckMenuItem
GetMenuCheckMarkDimensions
UnregisterClassA
GetMenuStringA
IsZoomed
TrackMouseEvent
FindWindowA
SetForegroundWindow
IsIconic
CopyIcon
MessageBeep
CreateAcceleratorTableA
MonitorFromPoint
GetNextDlgTabItem
SetFocus
SetScrollInfo
MoveWindow
DrawIconEx
DestroyWindow
GetClassInfoA
ShowWindow
SetWindowRgn
SetWindowTextA
IsCharAlphaA
GetSysColorBrush
GetDCEx
SetParent
GetWindow
SetActiveWindow
GetActiveWindow
FrameRect
PeekMessageA
GetMessageA
DispatchMessageA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
WindowFromPoint
GetClassLongA
EnableMenuItem
CopyAcceleratorTableA
MapVirtualKeyA
GetKeyNameTextA
GetSystemMenu
RegisterWindowMessageA
SetPropA
GetMessagePos
RemovePropA
SetLayeredWindowAttributes
CopyImage
SetMenuInfo
MenuItemFromPoint
CreateWindowExA
ValidateRect
BeginPaint
EndPaint
DefWindowProcA
RedrawWindow
IsMenu
DestroyIcon
GetIconInfo
GetMenuItemRect
MonitorFromRect
GetMonitorInfoA
SetMenu
CallWindowProcA
IsChild
GetDesktopWindow
GetWindowDC
DrawMenuBar
GetMenu
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
LoadMenuA
DeleteMenu
DrawEdge
FillRect
WindowFromDC
GetMenuInfo
SystemParametersInfoA
SetRectEmpty
IsCharAlphaNumericA
wsprintfA
CharLowerA
CharUpperA
IsClipboardFormatAvailable
DestroyCaret
PtInRect
PostMessageA
GetClientRect
UpdateWindow
IsWindowVisible
SetCaretPos
HideCaret
ShowCaret
DrawStateA
SetWindowLongA
LoadImageA
EnumChildWindows
GetClassNameA
GetWindowLongA
BeginDeferWindowPos
EndDeferWindowPos
GetCapture
DeferWindowPos
GetWindowTextA
IsWindowEnabled
GetSystemMetrics
DrawFrameControl
LoadIconA
GetWindowRect
GetDlgItem
AppendMenuA
CreatePopupMenu
IntersectRect
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
WaitMessage
GetWindowThreadProcessId
DrawIcon
DestroyCursor
TranslateMessage
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
IsRectEmpty
GrayStringA
DrawTextExA
TabbedTextOutA
DrawFocusRect
EqualRect
SetRect
GetScrollInfo
InflateRect
CopyRect
SetWindowPos
LoadBitmapA
ClientToScreen
GetClipboardData
GetKeyState
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetCapture
CreateDialogIndirectParamA
EndDialog
UnpackDDElParam
ReuseDDElParam
GetPropA
DestroyMenu
EnableWindow
SendMessageA
CreateCaret
IsCharLowerA
GetAsyncKeyState
GetSysColor
DestroyAcceleratorTable
OffsetRect
DrawTextA
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
KillTimer
GetParent
GetCaretPos
EnableScrollBar
TranslateAcceleratorA
IsWindow
GetKeyboardLayout
ReleaseCapture
SetCursor
LoadCursorA
GetCursorPos
GetFocus
LoadAcceleratorsA
RegisterClipboardFormatA
SetTimer
SetScrollPos
gdi32
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SetRectRgn
GetMapMode
StretchDIBits
GetCharWidthA
GetBkColor
GetViewportOrgEx
CreateEllipticRgn
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextFaceA
GetRgnBox
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
CreateDCA
CopyMetaFileA
CreateRoundRectRgn
Polyline
SetBkMode
LPtoDP
Polygon
LineTo
SetTextColor
CreatePolygonRgn
PatBlt
EnumFontFamiliesA
GetStockObject
CreateFontA
GetWindowOrgEx
SelectClipRgn
SetWindowOrgEx
GetCurrentObject
GetTextAlign
GetLayout
SetTextAlign
MoveToEx
SelectPalette
CreateFontIndirectA
GetCurrentPositionEx
GetTextColor
SetPixel
GetPixel
GetNearestColor
SetBrushOrgEx
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreateSolidBrush
UnrealizeObject
CreateBitmap
GetDIBColorTable
RealizePalette
CreateHalftonePalette
CreatePalette
DeleteDC
LineDDA
RoundRect
Rectangle
GetClipBox
Escape
RectVisible
PtVisible
Ellipse
CreatePen
SetBkColor
ExtTextOutA
TextOutA
DeleteObject
GetTextExtentExPointA
GetTextExtentPoint32A
GetObjectA
GetTextMetricsA
BitBlt
DPtoLP
SelectObject
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPointA
comdlg32
GetFileTitleA
CommDlgExtendedError
ChooseFontA
GetOpenFileNameA
PrintDlgA
PageSetupDlgA
GetSaveFileNameA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
GetJobA
advapi32
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA
RegSetValueA
RegOpenKeyA
RegEnumKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
GetUserNameA
shell32
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ExtractIconA
SHGetFileInfoA
SHCreateDirectoryExA
SHGetFolderPathA
DragQueryFileA
DragFinish
DragAcceptFiles
comctl32
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Add
ImageList_Replace
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
ImageList_GetIconSize
ImageList_GetImageInfo
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
GetRunningObjectTable
CreateBindCtx
CoCreateInstance
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateStreamOnHGlobal
DoDragDrop
CoRevokeClassObject
OleFlushClipboard
oleaut32
SystemTimeToVariantTime
SysFreeString
VariantTimeToSystemTime
VarDateFromStr
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantCopy
VariantClear
VariantChangeType
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayGetDim
SafeArrayCreate
SafeArrayPutElement
SysStringLen
CreateErrorInfo
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
Sections
.text  Size: 880KB - Virtual size: 879KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 262KB - Virtual size: 262KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 34KB - Virtual size: 50KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 358KB - Virtual size: 395KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ