Tasks
- static1: static task
- behavioral1: behavioral task; sample 2024-01-24_801f3e5a8588095e90c80cdd70ef29e3_icedid.exe; resource win7-20231215-en
- behavioral2: behavioral task; sample 2024-01-24_801f3e5a8588095e90c80cdd70ef29e3_icedid.exe; resource win10v2004-20231215-en
General
- Target: 2024-01-24_801f3e5a8588095e90c80cdd70ef29e3_icedid
- Size: 11.3MB
- MD5: 801f3e5a8588095e90c80cdd70ef29e3
- SHA1: 7aa67d7a8eff8f5a6b7a71e16aa46e5c7c2c6bbb
- SHA256: 5797c85f52670c802f16b6f313c3b97bf1d2cff1217acede9a24cb9017c09e8d
- SHA512: de08a0630735b0cd8101634fb492d5a7329ad24f7c309887f60b335bfc4af2acd2a17a528d535209df1b38922879274a53122ddfbaa0e2d0e526dda3d7584048
- SSDEEP: 196608:iqub7eyMu6c9KDQRgyKnF3IHCgmd0UmTvCbsImLY+v6DcyRWVoh9slsoyu:iqunOuDsrF3OjKbsIj06DBRPh9kv
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature. The file carries no certificate table in its security data directory, so there is no embedded signature to verify at all; the check is a presence test and says nothing about whether a signature, had one been present, would validate. (Catalog-signed files also trip this check, which is irrelevant for a third-party executable like this one.) This is the only signature listed in the report.
  resource: 2024-01-24_801f3e5a8588095e90c80cdd70ef29e3_icedid
Files
- 2024-01-24_801f3e5a8588095e90c80cdd70ef29e3_icedid.exe windows:5 windows x86 arch:x86 9629d2442037ad83fd5827063222eb66
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
DEP is opted in (NX_COMPAT), but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is not set and the relocation table is stripped, so the image is not ASLR-capable: it is always mapped at its preferred base, and a memory-corruption bug in it would need no information leak to exploit. IMAGE_DLLCHARACTERISTICS_GUARD_CF is absent as well, so there is no Control Flow Guard either.
Imports
user32
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
GetNextDlgGroupItem
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageW
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
GetMenuItemInfoW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
ShowOwnedPopups
GetMessageW
TranslateMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
MoveWindow
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetAsyncKeyState
LockWindowUpdate
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemCount
RemoveMenu
DrawTextW
CopyRect
EqualRect
SetRectEmpty
CheckDlgButton
CharUpperW
UpdateWindow
ShowWindow
DestroyWindow
MessageBoxW
IsDlgButtonChecked
SendDlgItemMessageW
wsprintfW
GetDlgItemTextW
SetWindowTextW
EndDialog
DestroyIcon
LoadIconW
LoadStringW
GetDlgItem
SetDlgItemTextW
IntersectRect
IsRectEmpty
InflateRect
TrackMouseEvent
CheckMenuItem
GetSubMenu
LoadMenuW
ReleaseDC
OffsetRect
GetParent
FillRect
GetDC
SetWindowRgn
SetLayeredWindowAttributes
GetWindowLongW
SetWindowLongW
LoadImageW
GetSysColor
InvalidateRect
LoadCursorW
PtInRect
GetCursorPos
GetWindowRect
SendMessageW
KillTimer
GetMonitorInfoW
GetSystemMetrics
MonitorFromWindow
IsWindow
SetTimer
PostMessageW
NotifyWinEvent
WindowFromPoint
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
DialogBoxIndirectParamW
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
SetScrollPos
SetClassLongW
CreatePopupMenu
DestroyAcceleratorTable
SetParent
IsZoomed
UnregisterClassW
IsIconic
CopyImage
RealChildWindowFromPoint
EnumDisplayMonitors
DeleteMenu
GetSysColorBrush
SystemParametersInfoW
GetScrollRange
DestroyMenu
SetRect
EnableWindow
SetCursor
GetClientRect
GetMenuItemID
CharNextW
d3d9
Direct3DCreate9
kernel32
HeapCreate
HeapDestroy
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
LCMapStringW
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetEnvironmentVariableA
GetDriveTypeW
SizeofResource
LockResource
LoadResource
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
HeapSize
HeapQueryInformation
HeapReAlloc
RaiseException
CreateThread
ExitThread
ExitProcess
RtlUnwind
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceW
lstrcmpiW
GetModuleFileNameW
GetTempPathW
lstrlenW
lstrlenA
MultiByteToWideChar
CreateFileW
WriteFile
CloseHandle
DeleteFileW
LoadLibraryW
FreeLibrary
lstrcmpiA
SetHandleCount
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
GlobalLock
GlobalUnlock
CreateFileA
lstrcpyA
GetTempFileNameW
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
CopyFileW
ReadFile
CreateFileMappingW
GetSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
CreateTimerQueueTimer
LeaveCriticalSection
InitializeCriticalSection
OutputDebugStringW
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
CreateSemaphoreA
OpenThread
GetFileAttributesExW
SetErrorMode
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
UnlockFile
DeleteTimerQueueEx
DeleteCriticalSection
CreateTimerQueue
GetVersionExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GlobalAlloc
GetStdHandle
LockFile
FlushFileBuffers
GlobalFlags
GetSystemDirectoryW
GetCurrentDirectoryW
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
ReleaseActCtx
CreateActCtxW
ResumeThread
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
InitializeCriticalSectionAndSpinCount
FreeResource
GetCurrentProcessId
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
ActivateActCtx
DeactivateActCtx
GetLocaleInfoW
SetLastError
GlobalSize
LocalFree
GetExitCodeThread
WaitForMultipleObjects
SetEvent
CreateEventW
GetPrivateProfileIntW
lstrcmpW
lstrcatA
GetTimeZoneInformation
GetModuleHandleW
FormatMessageW
GetTickCount
lstrcatW
MulDiv
LoadLibraryExW
FindResourceExW
lstrcmpA
lstrcpynW
GlobalFree
ReleaseSemaphore
WaitForSingleObject
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetFullPathNameW
CreateSemaphoreW
lstrcpyW
HeapFree
GetProcessHeap
HeapAlloc
Sleep
InterlockedExchange
VirtualAlloc
WideCharToMultiByte
CreateFileMappingA
GetLastError
OutputDebugStringA
GetModuleHandleA
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
GetVersionExA
InterlockedIncrement
InterlockedDecrement
GetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
DeleteTimerQueueTimer
DeleteFileA
msimg32
TransparentBlt
AlphaBlend
advapi32
RegEnumValueW
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumKeyExW
RegCloseKey
shell32
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
ExtractIconExW
comctl32
ord17
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_Create
shlwapi
PathAppendW
PathFindFileNameW
PathAddBackslashW
PathRemoveFileSpecW
PathFileExistsW
StrStrIW
StrStrIA
PathStripToRootW
PathIsUNCW
PathFindExtensionW
gdiplus
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
mscms
OpenColorProfileW
IsColorProfileValid
TranslateBitmapBits
CreateMultiProfileTransform
CloseColorProfile
DeleteColorTransform
GetColorProfileHeader
gdi32
PlayEnhMetaFile
SetDIBColorTable
SelectPalette
GetPaletteEntries
GetDIBColorTable
GetDeviceCaps
CreateFontW
CopyMetaFileW
CreateDCW
CreateBitmap
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
DeleteEnhMetaFile
GetObjectType
CreateHatchBrush
GetTextExtentPoint32W
CreateDIBitmap
CreateRectRgnIndirect
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
GetCharacterPlacementA
CreateDIBSection
SetPixelV
ExtTextOutW
CreatePalette
MoveToEx
ExtTextOutA
SetMapMode
SetTextAlign
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
GetCharacterPlacementW
SetTextColor
GetGlyphOutlineA
GetTextMetricsA
GetObjectA
DeleteDC
GetObjectW
BitBlt
SetDIBitsToDevice
CreateSolidBrush
RoundRect
CreatePen
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateRoundRectRgn
GetStockObject
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
comdlg32
GetFileTitleW
ole32
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeEx
OleCreateMenuDescriptor
DoDragDrop
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoTaskMemFree
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocString
SysFreeString
winmm
timeGetDevCaps
PlaySoundW
imagehlp
ImageGetDigestStream
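Added example (my code, not part of the sandbox report or of the sample): how an import hash (imphash, as pefile computes it) is derived from an import table like the one above, so that a large, stable import set of this kind (the DDE, MDI and accelerator-table helpers are what MFC-based applications typically pull in) can be used as a pivot across samples. The import list in the block is a constructed subset of the table above in its order; ORDINAL_TABLE_LIBS and the similarity helper are my additions, and the hash shown under Files is not recomputed here.

```python
import hashlib

# pefile ships ordinal-to-name tables for these libraries; this example does not, so it
# refuses by-ordinal imports from them rather than silently computing a different hash.
ORDINAL_TABLE_LIBS = ("ws2_32", "wsock32", "oleaut32")

def imphash_string(imports) -> str:
    """imports: [(dll_name, [function name, or 'ordN' for a by-ordinal import])] in
    import-table order. Rules as in pefile.get_imphash(): lower-case everything, strip a
    .dll/.ocx/.sys extension (winspool.drv keeps its .drv), emit 'lib.func' joined by ','."""
    parts = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            lib = base
        for func in funcs:
            func = func.lower()
            if func.startswith("ord") and func[3:].isdigit() and lib in ORDINAL_TABLE_LIBS:
                raise ValueError("%s!%s needs pefile's ordinal name table" % (dll, func))
            parts.append("%s.%s" % (lib, func))
    return ",".join(parts)

def imphash(imports) -> str:
    """MD5 of the import string: identical import tables, in the same order, hash alike.
    (pefile returns '' rather than md5('') for a file with no import directory.)"""
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()

def import_set_similarity(a, b) -> float:
    """Order-insensitive fallback (Jaccard over 'lib.func' entries) for when a rebuild
    reorders the import table and the exact hash no longer matches."""
    sa = set(filter(None, imphash_string(a).split(",")))
    sb = set(filter(None, imphash_string(b).split(",")))
    return len(sa & sb) / len(sa | sb) if sa | sb else 1.0

# Constructed subset of the report's import table, in the report's order.
REPORT_SUBSET = [
    ("USER32.dll", ["GetMenuDefaultItem", "InvertRect", "HideCaret", "SetWindowsHookExW"]),
    ("d3d9.dll", ["Direct3DCreate9"]),
    ("KERNEL32.dll", ["HeapCreate", "IsDebuggerPresent", "VirtualProtect", "CreateFileMappingW"]),
    ("comctl32.dll", ["ord17", "ImageList_ReplaceIcon", "ImageList_Create"]),
    ("winspool.drv", ["DocumentPropertiesW", "ClosePrinter", "OpenPrinterW"]),
]

if __name__ == "__main__":
    print(imphash_string(REPORT_SUBSET))
    print(imphash(REPORT_SUBSET))
```

The hash is order-sensitive by design, which is why the similarity helper exists: a recompiled variant with the same symbols in a different table order gets a new imphash but a Jaccard score of 1.0. For an MFC-style table of this size the imphash clusters builds of the same project well, but it also matches any benign application built from the same template, so use it as a pivot, not as a verdict.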
Sections
- .text Size: 3.1MB - Virtual size: 3.1MB: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 603KB - Virtual size: 602KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 120KB - Virtual size: 177KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 218KB - Virtual size: 217KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Two things to take from the table. First, raw and virtual sizes match for .text and .rdata and no section is both writable and executable, so the code is not packed in place (the .data gap is ordinary uninitialized data). Second, the four sections add up to about 4.0MB of an 11.3MB file, so roughly 7MB sits past the end of .rsrc as an overlay that the section table does not describe and this static view does not cover. Carve that region (from the end of the last section's raw data to end of file) and identify it before drawing conclusions: an overlay of that size is typically an installer or self-extractor payload or an embedded second stage, and the imports include everything needed to write it out and run it (GetTempPathW, GetTempFileNameW, CreateFileW, WriteFile, CreateFileMappingW, MapViewOfFile, ShellExecuteW), though those calls are equally normal for a benign application.
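Added example (my code, not from the report or the sample): a pure-Python PE header walker that reproduces the three static checks the report shows, the security data directory behind "Unsigned PE", the file and DLL characteristics behind the Headers list, and the section table behind Sections, plus the overlay measurement the report leaves out. A small PE skeleton is constructed inline so the code runs offline; build_pe, SAMPLE_LAYOUT and report_like_sample are all constructed for the example and are not the sample's real layout. On a real file, analyze_pe(open(path, "rb").read()) does the same work.

```python
import struct

# Header bits from the PE/COFF spec, named as the report prints them.
IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE = 0x0001, 0x0002, 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040   # ASLR opt-in (absent in the report)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100      # DEP opt-in
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA = 0x20, 0x40
IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table

def analyze_pe(data: bytes) -> dict:
    """DOS header -> PE signature -> COFF/optional header -> section table; returns
    the facts behind 'Unsigned PE', the characteristics lists and the section sizes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    pe = struct.unpack_from("<I", data, 0x3C)[0]                       # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    nsections, opt_size, characteristics = struct.unpack_from("<H12xHH", data, pe + 6)
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    # PE32 keeps NumberOfRvaAndSizes/DataDirectory at +92/+96; PE32+ has 8-byte
    # stack and heap fields before them, which pushes both down by 16 bytes.
    ndirs_off, dir_off = (92, 96) if magic == 0x10B else (108, 112)
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    cert_off = cert_len = 0
    if ndirs > SECURITY_DIR:
        cert_off, cert_len = struct.unpack_from("<II", data, opt + dir_off + 8 * SECURITY_DIR)
    sections, end_of_sections = [], 0
    for i in range(nsections):
        name, vsize, _rva, rsize, raw_ptr, flags = struct.unpack_from("<8sIIII12xI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "raw": rsize, "virtual": vsize, "flags": flags})
        end_of_sections = max(end_of_sections, raw_ptr + rsize)
    # The security directory's "VirtualAddress" is a file offset and the certificate
    # follows the last section, so it counts as image, not overlay (pefile agrees).
    image_end = max(end_of_sections, cert_off + cert_len if cert_len else 0)
    return {
        "relocs_stripped": bool(characteristics & IMAGE_FILE_RELOCS_STRIPPED),
        "aslr": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "nx": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "signed": cert_len > 0,   # a certificate table exists; only a verifier can say it is valid
        "sections": sections,
        "section_bytes": end_of_sections,                   # file offset where the section data ends
        "overlay_bytes": max(0, len(data) - image_end),     # bytes the section table does not describe
    }

def build_pe(sections, characteristics, dll_characteristics, cert=b"", overlay=b"") -> bytes:
    """Constructed, non-loadable PE32 skeleton so the parser has realistic bytes offline:
    headers, zero-filled sections [(name, raw, virtual, flags)], optional cert table, optional overlay."""
    file_align, sect_align, opt_size, opt = 0x200, 0x1000, 0xE0, 0x40 + 4 + 20
    hdr = bytearray(file_align)                                  # SizeOfHeaders: one alignment unit
    hdr[:2], hdr[0x40:0x44] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", hdr, 0x3C, 0x40)                      # e_lfanew
    struct.pack_into("<HHIIIHH", hdr, 0x44, 0x14C, len(sections), 0, 0, 0, opt_size, characteristics)
    raw_ptr, rva, body = len(hdr), sect_align, b""
    for i, (name, raw, virt, flags) in enumerate(sections):
        raw = -(-raw // file_align) * file_align                 # linkers round raw sizes up
        struct.pack_into("<8sIIII12xI", hdr, opt + opt_size + 40 * i, name.encode(), virt, rva, raw, raw_ptr, flags)
        body, raw_ptr = body + bytes(raw), raw_ptr + raw
        rva += -(-max(virt, raw) // sect_align) * sect_align
    struct.pack_into("<H", hdr, opt, 0x10B)                      # PE32 magic
    struct.pack_into("<II", hdr, opt + 32, sect_align, file_align)
    struct.pack_into("<II", hdr, opt + 56, rva, len(hdr))        # SizeOfImage, SizeOfHeaders
    struct.pack_into("<HH", hdr, opt + 68, 2, dll_characteristics)  # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<I", hdr, opt + 92, 16)                    # NumberOfRvaAndSizes
    struct.pack_into("<II", hdr, opt + 96 + 8 * SECURITY_DIR, raw_ptr if cert else 0, len(cert))
    return bytes(hdr) + body + cert + overlay

# Constructed layout mirroring the report's four sections and their flags, scaled down.
SAMPLE_LAYOUT = [
    (".text", 0x600, 0x600, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".rdata", 0x400, 0x400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".data", 0x200, 0x400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc", 0x200, 0x200, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
]

def report_like_sample(overlay_len=0x1000, signed=False, aslr=False) -> bytes:
    """The report's flags (NX, TS-aware, relocs stripped, no DYNAMIC_BASE) on SAMPLE_LAYOUT,
    with an overlay appended as in the real file. signed= adds a placeholder WIN_CERTIFICATE
    (dwLength, wRevision 0x0200, type 0x0002 PKCS_SIGNED_DATA) that would fail real verification."""
    dll = IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
    chars = IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
    if aslr:
        dll |= IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
    else:
        chars |= IMAGE_FILE_RELOCS_STRIPPED
    cert = struct.pack("<IHH", 8 + 32, 0x0200, 0x0002) + b"\0" * 32 if signed else b""
    return build_pe(SAMPLE_LAYOUT, chars, dll, cert=cert, overlay=b"\0" * overlay_len)

if __name__ == "__main__":
    info = analyze_pe(report_like_sample())
    print({k: v for k, v in info.items() if k != "sections"})
```

The signed=True branch shows what the "Unsigned PE" check is sensitive to: a certificate table entry of any content flips it, so treat the signature as a presence check and verify an actual signature with signtool or Get-AuthenticodeSignature before trusting it. overlay_bytes is the number to act on for this sample: on the real file it is the gap between the ~4MB of sections and the 11.3MB on disk, and the bytes at section_bytes onward are what to carve.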