Static task
static1

Behavioral task
behavioral1
Sample: 2024-02-13_f63e3d4d63b0445af93931e0e0c62553_icedid.exe
Resource: win7-20231215-en

Behavioral task
behavioral2
Sample: 2024-02-13_f63e3d4d63b0445af93931e0e0c62553_icedid.exe
Resource: win10v2004-20231215-en

General
Target: 2024-02-13_f63e3d4d63b0445af93931e0e0c62553_icedid
Size: 896KB
MD5: f63e3d4d63b0445af93931e0e0c62553
SHA1: ca3884c6ff38ba448ab4c50cd6095a3a8860195c
SHA256: 01ca756d96d29f043b69e74a390df601441949f5bfe7a7d564c18277c6d29219
SHA512: 867069a15abafde4009a8d51baa8bcb25b0ac3678e2a0e730f51db102c25b11c8f13a2aed2d4b63954f8fae1fa622ca08d8cd37feac81289ba2fcc24542479bc
SSDEEP: 12288:JPRSk4fqWPcJGWfYXbTGCj4RNWObTzYtWOyo4kvHkhmcImMwhEPm:JpX4fl0sWS9jDOzY0ArvHkhmcImr

Malware Config

Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 2024-02-13_f63e3d4d63b0445af93931e0e0c62553_icedid

Files
2024-02-13_f63e3d4d63b0445af93931e0e0c62553_icedid.exe windows:4 windows x86 arch:x86
7862571726febd1c11c80af6e0ce3318

Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\mfc\WinBOMVerify\Release\WinBOMVerify.pdb
Imports
kernel32
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCommandLineA
GetProcessHeap
GetStartupInfoA
SetStdHandle
GetFileType
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
HeapSize
VirtualFree
HeapCreate
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
GlobalHandle
LocalAlloc
GetFileTime
GetFileAttributesA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
GlobalReAlloc
SuspendThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
lstrcmpW
GlobalFree
GetCurrentProcessId
GlobalGetAtomNameA
GetTimeZoneInformation
FormatMessageA
LocalFree
GetSystemTimeAsFileTime
FindFirstFileA
GetFullPathNameA
FindClose
SetEndOfFile
OutputDebugStringA
TlsAlloc
TlsGetValue
TlsSetValue
GetVolumeInformationA
GetThreadLocale
GetCurrentProcess
WritePrivateProfileStringA
GetLogicalDriveStringsA
GetDriveTypeA
CreateDirectoryA
CreateFileA
GetModuleFileNameA
VirtualAlloc
VirtualProtect
GetSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTime
SystemTimeToFileTime
FreeResource
SetCurrentDirectoryA
Sleep
CreateEventA
ResetEvent
TerminateThread
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResumeThread
GlobalAlloc
GlobalLock
GlobalUnlock
SetErrorMode
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
ExitProcess
CreateMutexA
GetStdHandle
CloseHandle
GetCurrentThreadId
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetTickCount
SetLastError
GetModuleHandleA
MulDiv
GetVersionExA
FreeLibrary
LoadLibraryA
GetProcAddress
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
HeapDestroy
user32
LockWindowUpdate
GetDCEx
UnregisterClassA
GetSysColorBrush
DestroyCursor
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
ShowOwnedPopups
GetMessageA
TranslateMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
PostQuitMessage
SetParent
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SendDlgItemMessageA
GetClassLongA
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
GetClassInfoExA
RegisterClassA
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetWindowPlacement
AdjustWindowRectEx
RegisterWindowMessageA
UnpackDDElParam
ReuseDDElParam
WinHelpA
SetFocus
GetWindowThreadProcessId
IsWindowEnabled
GetDlgItem
GetDlgCtrlID
PeekMessageA
LoadAcceleratorsA
InsertMenuItemA
SetRectEmpty
GetLastActivePopup
ShowWindow
TranslateAcceleratorA
GetMenuStringA
FrameRect
GetDoubleClickTime
DrawIconEx
WindowFromPoint
ReleaseCapture
ShowScrollBar
SetCapture
GetCapture
MessageBeep
MapWindowPoints
GetWindowTextLengthA
GetWindowTextA
LoadImageA
SetCursor
SetActiveWindow
IsWindowVisible
UpdateWindow
PostMessageA
EnableMenuItem
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetWindow
EqualRect
GetClassWord
MessageBoxA
GetForegroundWindow
GetActiveWindow
BringWindowToTop
GetKeyState
GetDC
ScreenToClient
PtInRect
SetWindowsHookExA
CallNextHookEx
CopyAcceleratorTableA
MapVirtualKeyA
GetKeyNameTextA
GetClassNameA
SetPropA
GetMessagePos
GetPropA
RemovePropA
GetIconInfo
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowDC
ReleaseDC
CopyImage
CreateWindowExA
ClientToScreen
CharNextA
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageA
FindWindowA
SetWindowRgn
RedrawWindow
DestroyIcon
LoadCursorA
GetTabbedTextExtentA
CreateMenu
GetClassInfoA
DefWindowProcA
InvalidateRect
ValidateRect
BeginPaint
EndPaint
GetParent
SetWindowPos
SetMenu
CallWindowProcA
UnhookWindowsHookEx
LoadMenuA
IsMenu
GetSysColor
SystemParametersInfoA
SetTimer
SetWindowLongA
GetWindowLongA
GetDesktopWindow
GetWindowRect
DrawMenuBar
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
AppendMenuA
CreatePopupMenu
DrawFocusRect
DrawEdge
FillRect
WindowFromDC
LoadBitmapA
IntersectRect
OffsetRect
InflateRect
SetRect
IsRectEmpty
CopyRect
DrawStateA
IsWindow
GetSystemMetrics
LoadIconA
GetClientRect
IsIconic
DrawIcon
EnableWindow
CharUpperA
GetCursorPos
IsChild
GetFocus
KillTimer
GetMenu
SendMessageA
DestroyMenu
GetSystemMenu
GetAsyncKeyState
gdi32
SetRectRgn
GetMapMode
DPtoLP
GetCharWidthA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
GetRgnBox
CreateEllipticRgn
LPtoDP
Ellipse
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextFaceA
GetWindowOrgEx
ExtSelectClipRgn
GetViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocA
CreateSolidBrush
CreatePen
GetBkMode
UnrealizeObject
LineTo
IntersectClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
PatBlt
SetTextColor
GetClipBox
CreateDCA
GetBkColor
ResetDCA
SetBkMode
StretchBlt
GetStockObject
ExtCreatePen
SelectClipRgn
GetTextExtentPoint32A
SetWindowOrgEx
GetCurrentObject
GetTextAlign
GetTextMetricsA
SetTextAlign
MoveToEx
GetTextExtentPointA
GetCurrentPositionEx
GetTextColor
Escape
TextOutA
RectVisible
PtVisible
DeleteObject
ExtTextOutA
CreateBitmap
SelectObject
SetBkColor
DeleteDC
SetPixel
GetPixel
BitBlt
RoundRect
Rectangle
GetNearestColor
SetBrushOrgEx
GetDeviceCaps
CreateCompatibleDC
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
CreateCompatibleBitmap
GetObjectA
CreateFontIndirectA
CreatePatternBrush
GetWindowExtEx
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
shell32
DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFileInfoA
comctl32
ord17
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
OleIsCurrentClipboard
oleaut32
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
SysAllocString
odbc32
ord17
ord41
ord10
ord2
ord1
ord15
ord9
ord14
ord3
ord61
ord16
ord20
ord8
ord48
ord49
ord11
ord19
ord12
ord46
ord18
ord13
ord59
ord43
ord68
ord44
ord45
ord50
ord51
ord5
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text   Size: 648KB - Virtual size: 647KB
        IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 160KB - Virtual size: 156KB
        IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 24KB - Virtual size: 38KB
        IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 60KB - Virtual size: 57KB
        IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ