Static task
static1
Behavioral task
behavioral1
Sample
2024-01-29_2e414d34e5fe2a7cba1f4fdf27b8d3c6_icedid.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-29_2e414d34e5fe2a7cba1f4fdf27b8d3c6_icedid.exe
Resource
win10v2004-20231215-en
General
-
Target
2024-01-29_2e414d34e5fe2a7cba1f4fdf27b8d3c6_icedid
-
Size
3.1MB
-
MD5
2e414d34e5fe2a7cba1f4fdf27b8d3c6
-
SHA1
cd30b9fcbc1c656bf76949ce6dc916b70e20e946
-
SHA256
434bb5b5c2d7a75c19daec046d9ca7ad9c6898c6e3917d51b052dd850d4771a4
-
SHA512
4d42ff476f2c4c938081164fd6c37fdd8648e2620aa5ed036860cc8c8891073e3e55c0efc82c294ad539480486227d6d8f8566d634049b49ec11d00193f14be5
-
SSDEEP
98304:Jl1O/JmCMr9/zdulQaNNZXuly0W45+gaC4:JrqJ0FFSx0W45CC
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the file carries no embedded code signature (its PE certificate table is empty). On its own this is a weak indicator; most legitimate unsigned software trips it as well, and the check says nothing about whether a signature, had one been present, would verify.
resource 2024-01-29_2e414d34e5fe2a7cba1f4fdf27b8d3c6_icedid
Files
-
2024-01-29_2e414d34e5fe2a7cba1f4fdf27b8d3c6_icedid.exe windows:5 windows x86 arch:x86
b6b767861a71659c600c77b837c582d8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ltdisu
ord18
ord22
ord34
ord82
ord3
ord33
ord49
ord51
ord111
ord106
ord110
ord112
ord15
ord27
ord90
ord97
ord10
ltdlgfileu
ord13
ltdlgimgu
ord8
ltdlgkrnu
ord5
ord1
ltefxu
ord1
ltfilu
ord169
ord178
ord182
ord163
ord166
ltimgclru
ord36
ord9
ord10
ord11
ord12
ord42
ord49
ltimgcoru
ord41
ord7
ltimgefxu
ord43
ord7
ord1
ord20
ord35
ord46
ord38
ord10
ltimgsfxu
ord14
ord23
ltkrnu
ord26
ord67
ord116
ord204
ord234
ord45
ord52
ord40
ord51
ord75
ord228
ord110
ord118
ord383
ord171
ord100
ord32
ord14
ord61
ord37
ord181
ord191
ltscru
ord24
ord28
ord31
ord32
ord34
ord35
ord21
ord26
lttwnu
ord16
ord87
ord88
ord93
ord82
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
msacm32
acmMetrics
avifil32
AVIFileGetStream
AVIFileOpenA
AVIFileRelease
AVIFileExit
AVIFileCreateStreamA
AVIFileInit
AVISaveOptionsFree
AVISaveOptions
AVIMakeCompressedStream
AVIStreamLength
AVIStreamWrite
AVIStreamRead
AVIStreamSetFormat
AVIStreamReadFormat
AVIStreamInfoA
AVIStreamRelease
liveupdate
ord2
identifyhook
ord4
ord3
psdhook
ord18
ord19
ord15
ord20
ord21
ord14
ord16
ord17
kernel32
GetEnvironmentVariableA
SetFileAttributesA
GetWindowsDirectoryA
GetACP
lstrcmpA
SetFilePointer
WriteFile
UnmapViewOfFile
CopyFileA
GetTempFileNameA
MapViewOfFile
CreateFileMappingA
ExpandEnvironmentStringsA
SetLastError
GlobalSize
GlobalUnlock
GlobalFree
OutputDebugStringA
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
GetModuleFileNameW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GetCurrentProcessId
FileTimeToLocalFileTime
FindNextFileA
FileTimeToSystemTime
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetEvent
CreateEventA
SetThreadPriority
SuspendThread
ResumeThread
GetCurrentThread
GetTickCount
LocalAlloc
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
GetCPInfo
GetFileTime
GetFullPathNameA
GetCurrentDirectoryA
FlushFileBuffers
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFileAttributesExA
GetFileSizeEx
SetErrorMode
VerSetConditionMask
VerifyVersionInfoA
GetProfileIntA
VirtualProtect
FindResourceExW
RtlUnwind
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateDirectoryA
GetModuleHandleExW
AreFileApisANSI
GetCommandLineA
CreateThread
ExitThread
HeapQueryInformation
SetStdHandle
GetFileType
IsValidCodePage
GetStringTypeW
GetStdHandle
GetStartupInfoW
SetFilePointerEx
GetTimeZoneInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetConsoleCP
GetConsoleMode
ReadConsoleW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
WriteConsoleW
OutputDebugStringW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
MoveFileA
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetTempPathA
LoadLibraryA
lstrcpynA
WaitForSingleObject
MultiByteToWideChar
IsDBCSLeadByte
DeleteFileA
FindResourceA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameA
LoadLibraryExA
OpenSemaphoreA
CreateSemaphoreA
lstrcpyA
lstrcmpiA
FormatMessageA
Sleep
ReleaseSemaphore
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
LocalFree
GlobalLock
GlobalAlloc
GetProcAddress
FreeLibrary
FreeResource
DecodePointer
MulDiv
SearchPathA
FindFirstFileA
GetSystemTime
FindClose
GetVersionExA
CreateFileA
CloseHandle
ReadFile
GetFileSize
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource
LockResource
GetFileAttributesA
GetThreadLocale
ExitProcess
lstrlenA
user32
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetUpdateRect
SubtractRect
CreateMenu
DestroyCursor
GetWindowRgn
LoadAcceleratorsW
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
DrawFocusRect
LockWindowUpdate
GetDCEx
UnionRect
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
PostThreadMessageA
CharUpperA
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
SetParent
DeleteMenu
ReuseDDElParam
UnpackDDElParam
DestroyIcon
SetRectEmpty
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
WaitMessage
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
ShowOwnedPopups
TranslateMessage
GetMessageA
IntersectRect
InflateRect
GetMenuItemInfoA
DestroyMenu
SystemParametersInfoA
IsRectEmpty
OffsetRect
SetWindowRgn
GetWindowThreadProcessId
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpA
SetScrollInfo
LoadIconA
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
DrawMenuBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
ValidateRect
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
DispatchMessageA
RegisterWindowMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetFocus
SendDlgItemMessageA
GetWindow
GetWindowTextLengthA
GetWindowTextA
SetScrollPos
SetFocus
FillRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
UnhookWindowsHookEx
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetSysColor
UnregisterClassA
SetActiveWindow
GetActiveWindow
LoadImageA
LoadIconW
MessageBeep
AppendMenuA
CheckMenuItem
GetSystemMenu
MapVirtualKeyA
GetKeyNameTextA
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
ChangeClipboardChain
SetClipboardViewer
CloseClipboard
OpenClipboard
IsIconic
UnregisterHotKey
RegisterHotKey
PeekMessageA
EnumDisplayMonitors
GetMonitorInfoA
GetScrollInfo
LoadStringA
GetDesktopWindow
GetWindowLongA
WindowFromPoint
GetCursor
MessageBoxA
GetScrollPos
SetForegroundWindow
GetForegroundWindow
UpdateWindow
FrameRect
CharUpperBuffA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
IsZoomed
GetComboBoxInfo
TrackMouseEvent
DrawIcon
GetSystemMetrics
CharNextW
CharNextA
PostQuitMessage
KillTimer
DrawTextA
MonitorFromPoint
UpdateLayeredWindow
IsMenu
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
ShowScrollBar
SetLayeredWindowAttributes
SetClassLongA
PtInRect
CopyRect
ScreenToClient
GetCursorPos
TrackPopupMenu
GetSubMenu
EnableMenuItem
LoadMenuW
SetTimer
ReleaseCapture
SetCapture
PostMessageA
GetWindowRect
GetParent
wsprintfA
LoadCursorW
LoadCursorA
SetCursor
LoadBitmapW
GetClientRect
ReleaseDC
SetRect
InvalidateRect
GetDC
EnableWindow
SendMessageA
TabbedTextOutA
gdi32
IntersectClipRect
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetTextAlign
StartDocA
ExtTextOutA
GetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateEllipticRgn
CreateDIBSection
DPtoLP
GetTextFaceA
LPtoDP
CombineRgn
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
BitBlt
CopyMetaFileA
EndPage
StartPage
EndDoc
TextOutA
GetMapMode
SetRectRgn
CreateCompatibleBitmap
CreateFontA
GetCharWidthA
StretchDIBits
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetTextMetricsA
GetTextExtentPoint32A
GetCurrentObject
CreateDCA
SetTextColor
SetBkColor
CreateHatchBrush
Polyline
MoveToEx
SetROP2
SetPixel
RoundRect
LineTo
GetROP2
Ellipse
CreatePen
CreateSolidBrush
StretchBlt
SelectPalette
RealizePalette
GetDeviceCaps
DeleteObject
CreateBitmap
CreateFontIndirectA
GetObjectA
SelectObject
Rectangle
GetStockObject
DeleteDC
CreateCompatibleDC
GetViewportOrgEx
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
PtInRegion
FrameRgn
CreateRoundRectRgn
OffsetRgn
EnumFontFamiliesExA
Polygon
CreatePolygonRgn
SetDIBColorTable
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetSystemPaletteEntries
msimg32
TransparentBlt
AlphaBlend
winspool.drv
EnumPrintersA
GetPrinterA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
RegQueryValueA
RegEnumKeyA
RegSetValueA
AllocateAndInitializeSid
FreeSid
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
GetUserNameA
shell32
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
DragAcceptFiles
DragQueryFileA
DragFinish
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHFileOperationA
ExtractIconA
Shell_NotifyIconA
comctl32
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_AddMasked
ImageList_Remove
ord17
ImageList_GetImageInfo
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
IsAppThemed
GetThemePartSize
CloseThemeData
OpenThemeData
DrawThemeText
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
ole32
StringFromCLSID
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoRevokeClassObject
CoFreeUnusedLibraries
CoInitializeEx
CoCreateGuid
CoRegisterClassObject
OleRun
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
CoDisconnectObject
OleUninitialize
OleInitialize
oleaut32
VarBstrFromDate
SysFreeString
SysStringLen
LoadTypeLib
RegisterTypeLib
UnRegisterTypeLib
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SafeArrayDestroy
VariantCopy
VarUI4FromStr
oledlg
ord8
ws2_32
WSAStartup
WSACleanup
WSASetLastError
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
sndPlaySoundA
PlaySoundA
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInReset
mmioOpenA
mmioClose
mmioWrite
mmioAscend
mmioCreateChunk
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 362KB - Virtual size: 361KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
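The "Unsigned PE" signature, the Headers block (IMAGE_FILE_RELOCS_STRIPPED, a DllCharacteristics field carrying only TERMINAL_SERVER_AWARE) and the Sections list above are all read straight out of the PE header. The following is an added example, not the sandbox's own detection code, showing how those fields are located and what they mean for a defender: an empty certificate table (data directory 4) is what "unsigned" means here, while a non-empty one only proves a blob is present and still needs verifying; stripped relocations mean the loader cannot rebase the image, so the absence of DYNAMIC_BASE and NX_COMPAT in the report translates to a fixed image base and no DEP opt-in; and the section flags show whether any section is both writable and executable (none is in this report). The parser uses only the standard library and the public winnt.h constants. The sample inputs are constructed header-only PE blobs whose flags and section sizes mirror the report (the file's actual bytes are not on the page), plus a contrasting blob that is signed and mitigation-enabled but carries one RWX section.

```python
import struct
from dataclasses import dataclass

# Flag values from winnt.h
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table, where an embedded Authenticode blob lives

@dataclass
class PeHeaders:
    characteristics: int
    dll_characteristics: int
    security_dir: tuple  # (file offset, size); size 0 means no embedded signature
    sections: list       # (name, virtual_size, raw_size, flags) per section header

def parse_pe(data: bytes) -> PeHeaders:
    """DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: data directories start at optional-header offset 96
        dirs = opt + 96
    elif magic == 0x20B:  # PE32+: 64-bit ImageBase/stack/heap fields push them to 112
        dirs = opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_characteristics = struct.unpack_from("<H", data, opt + 70)[0]
    nrva = struct.unpack_from("<I", data, dirs - 4)[0]  # NumberOfRvaAndSizes; may be < 5
    security_dir = (struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
                    if nrva > IMAGE_DIRECTORY_ENTRY_SECURITY else (0, 0))
    table = opt + opt_size
    sections = []
    for i in range(nsections):
        off = table + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _vaddr, rsize = struct.unpack_from("<III", data, off + 8)
        flags = struct.unpack_from("<I", data, off + 36)[0]
        sections.append((name, vsize, rsize, flags))
    return PeHeaders(characteristics, dll_characteristics, security_dir, sections)

def triage_flags(data: bytes) -> dict:
    pe = parse_pe(data)
    return {
        # Empty certificate table: no embedded Authenticode blob. A non-empty one still needs
        # verifying (WinVerifyTrust, osslsigncode); catalog-signed files also show empty here.
        "unsigned_pe": pe.security_dir[1] == 0,
        # Stripped relocations: the loader cannot rebase the image, so no ASLR even with DYNAMIC_BASE.
        "relocs_stripped": bool(pe.characteristics & IMAGE_FILE_RELOCS_STRIPPED),
        "aslr_opt_in": bool(pe.dll_characteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "dep_opt_in": bool(pe.dll_characteristics & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "writable_executable_sections": [name for name, _, _, flags in pe.sections
                                         if flags & IMAGE_SCN_MEM_EXECUTE and flags & IMAGE_SCN_MEM_WRITE],
    }

def build_sample_pe(characteristics, dll_characteristics, security_size, sections) -> bytes:
    """Constructed PE32 header (headers only, no section bodies) so the parser can run offline."""
    opt = bytearray(224)  # PE32 optional header including its 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_characteristics)
    struct.pack_into("<I", opt, 92, 16)  # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x1000 if security_size else 0, security_size)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), characteristics)
    table = b"".join(struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0x1000 * (i + 1),
                                 rsize, 0, 0, 0, 0, 0, flags)
                     for i, (name, vsize, rsize, flags) in enumerate(sections))
    dos = b"MZ" + bytes(58) + struct.pack("<I", 64)  # e_lfanew = 64: PE signature right after
    return dos + b"PE\0\0" + coff + bytes(opt) + table

# Constructed input mirroring the header flags and section sizes reported above (to the kilobyte).
REPORT_LIKE_PE = build_sample_pe(
    IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE,
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE, 0,
    [(".text", 0x180000, 0x180000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
     (".rdata", 0x5A400, 0x5A800, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
     (".data", 0xEC00, 0x7000, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
     (".rsrc", 0x133000, 0x133000, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ)])

# Constructed contrast: signed and opted into ASLR/DEP, but carrying a writable+executable section.
SIGNED_RWX_PE = build_sample_pe(
    IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE,
    IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT, 0x1800,
    [(".rwx", 0x2000, 0x2000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE)])
```

`triage_flags(REPORT_LIKE_PE)` reports unsigned_pe and relocs_stripped as true, both mitigation opt-ins as false and no writable+executable sections, which is the report's header block restated as flags; `triage_flags(SIGNED_RWX_PE)` flips the first four and names `.rwx`. To run it on a real file, pass `open(path, "rb").read()`; the parser reads only the headers, so a 3.1MB file costs nothing extra. Section virtual sizes larger than raw sizes (as with `.data` here, 59KB versus 28KB) are normal zero-initialised data, not by themselves a packing indicator.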