PDB path: h:\Dev\local\XVideo\Release\XVideo.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-13_d6a122b44f9884838c525e252a15d4f1_icedid.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-13_d6a122b44f9884838c525e252a15d4f1_icedid.exe
Resource: win10v2004-20231215-en
General
Target: 2024-02-13_d6a122b44f9884838c525e252a15d4f1_icedid
Size: 2.5MB
MD5: d6a122b44f9884838c525e252a15d4f1
SHA1: c26ebec94159687386fb42816a3e97f99592a142
SHA256: 97decea4fd7b6a8d4005096cd26e114a83da01535acfbc9f2deaf5895ce6fbb4
SHA512: 77a0bb2b0bf6f60b2da3980ff22f539863281d65d443f927221713d86ad8f540ba7c792cc98a298d398c1daab56b5fefe0c07fdf326558a9bbebf55e8b6e606c
SSDEEP: 49152:5Tm67w/hmy8ZWRleLlOMMMMMMAMMMMMMFMy:5CGyplmlOMMMMMMAMMMMMMFM
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-02-13_d6a122b44f9884838c525e252a15d4f1_icedid
Files
2024-02-13_d6a122b44f9884838c525e252a15d4f1_icedid.exe windows:4 windows x86 arch:x86
c3a9d0260b764c1baa1b4b518a502744
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
dsound
ord11
ddraw
DirectDrawCreateEx
avifil32
AVIFileExit
AVIFileRelease
AVIStreamRelease
AVIStreamSetFormat
AVIMakeCompressedStream
AVIFileCreateStreamA
AVIFileOpenA
AVIFileInit
AVIStreamWrite
msvfw32
ICGetInfo
ICSeqCompressFrameStart
ICSendMessage
ICSeqCompressFrameEnd
ICSeqCompressFrame
ICOpen
ICInfo
ICClose
msacm32
acmStreamConvert
acmDriverEnum
acmStreamSize
acmStreamPrepareHeader
acmDriverOpen
acmDriverDetailsA
acmStreamOpen
acmFormatChooseA
acmMetrics
acmStreamUnprepareHeader
acmDriverClose
acmStreamClose
kernel32
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetCurrentDirectoryA
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
IsBadReadPtr
IsBadCodePtr
lstrcpyA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
GetLastError
GetCurrentProcess
GetTickCount
WideCharToMultiByte
CloseHandle
ReadFile
CreateFileA
SetPriorityClass
GetTempPathA
GetModuleFileNameA
GetCommandLineA
GetCurrentDirectoryA
MultiByteToWideChar
GetFileType
GetStartupInfoA
TerminateProcess
ExitProcess
HeapReAlloc
HeapSize
GetDriveTypeA
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
LocalFileTimeToFileTime
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
UnlockFile
LockFile
DeleteFileA
MoveFileA
FindResourceExA
SystemTimeToFileTime
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
InterlockedIncrement
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
GetStringTypeExA
CreateProcessA
GetProcAddress
CreateMutexA
GlobalUnlock
GlobalLock
FindNextFileA
FindClose
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
ReleaseMutex
VirtualProtect
InterlockedDecrement
GlobalFree
GlobalAlloc
GlobalGetAtomNameA
lstrcatA
lstrcmpW
GetCurrentThreadId
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FormatMessageA
LocalFree
FreeResource
MulDiv
RaiseException
DeviceIoControl
SetEvent
FlushFileBuffers
SetEndOfFile
SetFilePointer
WriteFile
SetLastError
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
CreateEventA
Sleep
GetModuleHandleA
CreateThread
SetEnvironmentVariableA
user32
DrawIcon
RegisterClipboardFormatA
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
MapDialogRect
GetAsyncKeyState
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
ValidateRect
WindowFromPoint
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetMenuStringA
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
WinHelpA
GetClassInfoExA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DestroyWindow
GetMessageTime
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
GetScrollPos
SetForegroundWindow
ShowScrollBar
SetScrollInfo
GetClassInfoA
RegisterClassA
SetWindowPlacement
DefWindowProcA
SetWindowPos
GetWindowPlacement
GetTopWindow
SetParent
GetDlgCtrlID
EqualRect
WindowFromDC
ModifyMenuA
GetMenuState
DeleteMenu
CreatePopupMenu
DrawFocusRect
DrawMenuBar
DestroyMenu
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
DrawIconEx
TrackPopupMenuEx
GetSystemMenu
RemoveMenu
InsertMenuA
EnableMenuItem
CheckMenuItem
SetRectEmpty
SetMenu
SetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
CopyAcceleratorTableA
GetMenuItemCount
CreateMenu
DrawStateA
GetMessagePos
IsChild
GetDCEx
IntersectRect
wsprintfA
SystemParametersInfoA
UnregisterClassA
DrawEdge
FrameRect
SetScrollPos
BringWindowToTop
IsRectEmpty
CreateWindowExA
EnumChildWindows
IsWindowEnabled
SetFocus
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetClassLongA
GetScrollInfo
GetWindowRgn
IsZoomed
SetClassLongA
GetCapture
RedrawWindow
MoveWindow
MapWindowPoints
IsMenu
AdjustWindowRectEx
GetMenu
UnionRect
ShowWindow
DestroyIcon
GetWindow
GetIconInfo
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetPropA
RemovePropA
GetPropA
CallWindowProcA
IsIconic
SetRect
AdjustWindowRect
LoadImageA
GetActiveWindow
PeekMessageA
TranslateMessage
DispatchMessageA
GetMessageA
FillRect
ClientToScreen
GetMenuItemID
GetMenuItemInfoA
GetClipboardData
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClassExA
DefFrameProcA
TranslateMDISysAccel
CharNextA
GetSystemMetrics
GetClassNameA
OffsetRect
KillTimer
SetTimer
SetWindowRgn
SetWindowLongA
IsWindowVisible
GetSysColorBrush
LockWindowUpdate
LoadMenuA
GetSubMenu
CopyRect
FindWindowA
MessageBoxA
GetDlgItem
GetCursorPos
GetWindowLongA
GetKeyState
GetFocus
UpdateWindow
ScreenToClient
CharUpperA
PostThreadMessageA
GetNextDlgGroupItem
AppendMenuA
InvalidateRgn
RegisterWindowMessageA
LoadIconA
GetDesktopWindow
PostMessageA
LoadBitmapA
ExitWindowsEx
LoadCursorA
CopyIcon
MessageBeep
IsWindow
DestroyCursor
ReleaseCapture
EnableWindow
GetParent
SetCapture
InvalidateRect
ReleaseDC
GetDC
GetClientRect
GetWindowRect
SendMessageA
InflateRect
PtInRect
GetSysColor
SetCursor
GetWindowDC
gdi32
GetViewportOrgEx
GetDIBColorTable
GetCurrentObject
CreateSolidBrush
CreateFontA
GetNearestColor
SetPixel
Ellipse
SetGraphicsMode
GetGraphicsMode
CreatePen
GetClipBox
SetBkColor
SaveDC
RestoreDC
SetROP2
SetStretchBltMode
SetMapMode
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
RealizePalette
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
StretchDIBits
GetCharWidthA
GetTextMetricsA
CreateEllipticRgn
EnumFontFamiliesExA
GetTextColor
GetRgnBox
CreatePalette
FillRgn
GetWindowOrgEx
OffsetRgn
CombineRgn
SetRectRgn
CreatePolygonRgn
CreateRectRgnIndirect
PatBlt
Escape
ExtTextOutA
RectVisible
PtVisible
GetPixel
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
Rectangle
SetBitmapBits
StretchBlt
CreateCompatibleBitmap
CreateRectRgn
SelectClipRgn
ExcludeClipRect
GetTextExtentPointA
SetBkMode
SetTextColor
TextOutA
DeleteObject
DeleteDC
CreateBrushIndirect
BitBlt
RoundRect
CreateRoundRectRgn
CreatePenIndirect
SelectObject
GetDeviceCaps
CreateCompatibleDC
CreateBitmap
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject
msimg32
GradientFill
comdlg32
GetOpenFileNameA
CommDlgExtendedError
GetFileTitleA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegCreateKeyA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueA
RegDeleteKeyA
RegEnumKeyA
SetFileSecurityA
GetFileSecurityA
RegOpenKeyA
shell32
SHGetFileInfoA
DragAcceptFiles
DragFinish
DragQueryFileA
ExtractIconA
ShellExecuteA
comctl32
ImageList_Draw
ImageList_GetImageCount
ImageList_Remove
ImageList_ReplaceIcon
ord17
ImageList_GetIcon
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_Create
ImageList_LoadImageA
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_Destroy
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
OleLockRunning
CoFreeUnusedLibraries
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
oleaut32
VariantCopy
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
VariantClear
ws2_32
WSACleanup
WSAStartup
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 340KB - Virtual size: 338KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 4.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 856KB - Virtual size: 853KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ