D:\Projects\FlowChartX\Samples\FCDemo\Release\FCDemo.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-28_0ac8582b011b0258def7cdf68e04c93a_icedid.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-28_0ac8582b011b0258def7cdf68e04c93a_icedid.exe
Resource: win10v2004-20231215-en
General
- Target: 2024-01-28_0ac8582b011b0258def7cdf68e04c93a_icedid
- Size: 3.0MB
- MD5: 0ac8582b011b0258def7cdf68e04c93a
- SHA1: 2cd7f2b6126d080afc0e104413541f6cc111d488
- SHA256: 5b516477ab5ca3c68a1b19d6ef9dd49d07ec589d75ac960acb1ada449aa44b6b
- SHA512: 1a2798b0d3efee721feec5068695459b172add0dba0b97d88897d86071e682c16a412c31a51591c63edc8d0e31d31ea445cff5d23a397eb00abbf4747f2b61d3
- SSDEEP: 49152:mqXjypE/gH1LrxAjCpaNMd5uJhJ0eMszlEaOs/nrAPAxVK2+7wbeZNbSNwswO3zt:mpwgH1LrxKQzdcJhCeMsQAnrAPLTZNbC
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2024-01-28_0ac8582b011b0258def7cdf68e04c93a_icedid
Files
- 2024-01-28_0ac8582b011b0258def7cdf68e04c93a_icedid.exe windows:6 windows x86 arch:x86
  249ae3befb4846b1613de40254b5ac15
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetLastError
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
GetSystemDefaultLCID
GetModuleFileNameA
GetSystemDirectoryA
FindFirstFileA
FindClose
GlobalUnlock
GlobalLock
GlobalReAlloc
GlobalAlloc
SizeofResource
LockResource
LoadResource
lstrlenA
SetEnvironmentVariableA
IsValidLocale
SetFilePointerEx
GetTimeZoneInformation
SetConsoleCtrlHandler
FatalAppExitA
TerminateProcess
CompareStringA
UnhandledExceptionFilter
QueryPerformanceCounter
GetStdHandle
GetConsoleMode
GetConsoleCP
GetFileType
SetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
HeapQueryInformation
AreFileApisANSI
GetModuleHandleExW
ExitProcess
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineA
GetSystemTimeAsFileTime
RtlUnwind
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
VirtualProtect
SearchPathA
GetProfileIntA
Sleep
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
LoadLibraryA
FreeLibrary
SetUnhandledExceptionFilter
OutputDebugStringA
FreeResource
GlobalFree
FindResourceA
GlobalSize
LocalFree
MulDiv
FormatMessageA
CopyFileA
EncodePointer
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
GetCurrentProcessId
GetVersionExA
GetThreadLocale
CloseHandle
SetEvent
WaitForSingleObject
CreateEventA
SetThreadPriority
SuspendThread
ResumeThread
GetCurrentThread
lstrcmpA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetACP
GlobalFlags
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
GetAtomNameA
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
GetCurrentDirectoryA
DeleteFileA
CreateFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
MoveFileA
GetVolumeInformationA
GetStringTypeExA
GetWindowsDirectoryA
lstrcpyA
GetTickCount
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileAttributesA
SetFileTime
VerSetConditionMask
user32
GetMenuItemCount
InsertMenuA
RemoveMenu
SetFocus
SetScrollPos
GetScrollPos
GetWindowTextA
GetWindowTextLengthA
SendDlgItemMessageA
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgCtrlID
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
TrackPopupMenuEx
UpdateWindow
GetForegroundWindow
SetForegroundWindow
ValidateRect
RedrawWindow
ScrollWindow
SetScrollRange
GetScrollRange
ShowScrollBar
AdjustWindowRectEx
MessageBoxA
MapWindowPoints
GetSysColor
EqualRect
PtInRect
GetClassLongA
GetClassNameA
GetLastActivePopup
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
MoveWindow
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
ScrollWindowEx
SetWindowTextA
IsDialogMessageA
GetWindowThreadProcessId
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
IntersectRect
CharNextA
GetMessageA
TranslateMessage
GetCursorPos
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
DestroyMenu
GetMenuItemInfoA
SystemParametersInfoA
GetKeyNameTextA
MapVirtualKeyA
GetDialogBaseUnits
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorA
CopyImage
CopyAcceleratorTableA
GetMenuItemID
SetRect
IsRectEmpty
DeleteMenu
DestroyIcon
CharUpperA
WaitMessage
WindowFromPoint
GetNextDlgGroupItem
MessageBeep
CreatePopupMenu
GetMenuDefaultItem
SetRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
GetAsyncKeyState
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
RegisterClipboardFormatA
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
GetMenuState
UnpackDDElParam
ReuseDDElParam
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateA
DrawFrameControl
SetWindowRgn
UnionRect
IsMenu
UpdateLayeredWindow
MonitorFromPoint
TrackMouseEvent
GetComboBoxInfo
IsZoomed
PostThreadMessageA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
SetParent
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
GetMenuBarInfo
SetCursorPos
LockWindowUpdate
SetClassLongA
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuA
CharUpperBuffA
FrameRect
EnumChildWindows
GetDCEx
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetUpdateRect
SubtractRect
SendNotifyMessageA
InSendMessage
CreateMenu
DestroyCursor
GetWindowRgn
WindowFromDC
GetTabbedTextExtentA
GetMenuStringA
GetDesktopWindow
SendMessageA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
InvalidateRect
GetClientRect
InflateRect
SetCapture
ReleaseCapture
SetCursor
GetParent
DrawEdge
PostMessageA
SetWindowPos
IsWindowVisible
IsIconic
SetTimer
KillTimer
GetSystemMetrics
GetSystemMenu
GetSubMenu
AppendMenuA
DrawIcon
GetDC
ReleaseDC
GetWindowRect
ClientToScreen
ScreenToClient
DrawFocusRect
FillRect
CopyRect
OffsetRect
GetTopWindow
GetWindow
LoadBitmapA
LoadIconA
IsWindow
UnregisterClassA
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
InvalidateRgn
DestroyAcceleratorTable
gdi32
CreateBitmap
SetBkColor
SetTextColor
GetObjectA
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
GetTextFaceA
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
SetAbortProc
AbortDoc
EndPage
StartPage
GetDeviceCaps
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
PtInRegion
FrameRgn
RoundRect
GetCurrentObject
StretchDIBits
GetCharWidthA
CreateFontA
CreateRoundRectRgn
OffsetRgn
EnumFontFamiliesExA
Rectangle
Polyline
Polygon
CreatePolygonRgn
CreateEllipticRgn
SetDIBColorTable
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
Ellipse
DeleteDC
DeleteObject
GetDIBits
LineTo
SelectObject
StretchBlt
SetStretchBltMode
MoveToEx
CreateDIBSection
SetPixel
CreateDCA
CopyMetaFileA
EndDoc
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetRgnBox
GetTextMetricsA
GetTextExtentPoint32A
GetTextColor
GetBkColor
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CreateFontIndirectA
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
TextOutA
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
shell32
SHGetFileInfoA
ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
SHGetMalloc
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ExtractIconA
SHAddToRecentDocs
ShellExecuteA
comctl32
ImageList_AddMasked
ord17
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
StrFormatKBSizeA
uxtheme
CloseThemeData
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetThemePartSize
GetThemeSysColor
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetCurrentThemeName
DrawThemeBackground
GetThemeColor
ole32
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
CoTreatAsClass
CreateBindCtx
ReadClassStg
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleRun
CoUninitialize
CoInitializeEx
CoCreateGuid
CoInitialize
StringFromGUID2
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
WriteClassStg
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
CreateDataAdviseHolder
OleGetIconOfClass
GetHGlobalFromILockBytes
PropVariantCopy
OleRegGetMiscStatus
OleRegEnumVerbs
OleQueryLinkFromData
OleQueryCreateFromData
OleIsRunning
CoGetMalloc
WriteFmtUserTypeStg
ReadFmtUserTypeStg
OleDuplicateData
ReleaseStgMedium
OleRegGetUserType
OleFlushClipboard
SetConvertStg
CreateOleAdviseHolder
GetRunningObjectTable
oleaut32
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysStringLen
SysAllocString
VariantChangeType
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
OleCreateFontIndirect
OleCreatePropertyFrame
VariantClear
SetErrorInfo
GetErrorInfo
CreateErrorInfo
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
advapi32
RegCloseKey
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
SetFileSecurityA
GetFileSecurityA
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
oledlg
ord8
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 546KB - Virtual size: 546KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 228KB - Virtual size: 227KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ