PDB path: C:\1k\R4\9p\e\6fC\browser\Cluster\compiler\7x\1k\monitor\x86\release\driver\V\vm.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-17_a0b8c996f32feb432d2457ac59c7a299_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-17_a0b8c996f32feb432d2457ac59c7a299_icedid.exe
  Resource: win10v2004-20231215-en
General
- Target: 2024-02-17_a0b8c996f32feb432d2457ac59c7a299_icedid
- Size: 116.0MB
- MD5: a0b8c996f32feb432d2457ac59c7a299
- SHA1: 7db4e3be10cc58ac7fc7dd0c5b13d5b25afcec8b
- SHA256: 135d15688aa592c4f9c439e8e22e67063d1eaf314907d39d5f76f8768ee28dd4
- SHA512: e0d667a452e2eee69fd0522abc8191b75109a297f25a14390d7ddd88416007ccffd6557a6446005138c1f74e7c06828fe45ae65c88866cfce9787665101aaa49
- SSDEEP: 196608:tpi/2QyZZwiW0aAkAkFzKuZTpi/2QyZZwiW0aAkAkFzKuZ:6Jybwl0Js2Jybwl0Js
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  Resource: 2024-02-17_a0b8c996f32feb432d2457ac59c7a299_icedid
Files
-
2024-02-17_a0b8c996f32feb432d2457ac59c7a299_icedid.exe windows:4 windows x86 arch:x86
7c6d8e50d7c0e8326fce0f8eecb79276
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetSystemInfo
VirtualQuery
TerminateProcess
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
VirtualAlloc
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc
HeapAlloc
CreateThread
ExitThread
ExitProcess
HeapFree
RtlUnwind
GetStartupInfoW
GetCurrentDirectoryW
FindResourceExW
LocalFileTimeToFileTime
GetShortPathNameW
CreateFileW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
DeleteFileW
MoveFileW
SystemTimeToFileTime
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
lstrcmpiW
GetCurrentThread
lstrcmpiA
ConvertDefaultLocale
EnumResourceLanguagesW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
VirtualProtect
FindFirstFileW
FileTimeToLocalFileTime
FindNextFileW
FindClose
GetVersion
GlobalGetAtomNameW
InterlockedDecrement
GetDiskFreeSpaceW
GetTempFileNameW
GetFileTime
SetFileTime
lstrcmpA
SetLastError
MulDiv
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
lstrcatW
lstrcmpW
GetVersionExA
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
SetThreadPriority
GlobalFree
LoadLibraryA
GetFullPathNameW
GetModuleFileNameW
ResumeThread
GetUserDefaultLangID
GetCurrentProcess
RaiseException
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SearchPathW
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryW
GetUserDefaultLCID
GetWindowsDirectoryW
GetFileAttributesW
WideCharToMultiByte
GetProfileIntW
GlobalAlloc
GlobalLock
lstrcpyW
GlobalUnlock
GetDriveTypeW
GetTickCount
GetCurrentThreadId
GetSystemDirectoryW
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GetEnvironmentVariableW
GetLogicalDrives
SetErrorMode
GetVolumeInformationW
GetLocaleInfoW
GetDiskFreeSpaceExW
lstrlenW
CreateProcessW
CloseHandle
FreeResource
GetLastError
lstrcpynW
lstrlenA
FormatMessageW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetSystemTimeAsFileTime
LocalFree
user32
GetSysColorBrush
RegisterClipboardFormatW
SetWindowContextHelpId
ShowOwnedPopups
GetSystemMenu
IsRectEmpty
SetParent
IsZoomed
MapDialogRect
GetAsyncKeyState
DestroyCursor
SetCursorPos
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
UnpackDDElParam
ReuseDDElParam
SetCursor
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
SetMenu
TranslateAcceleratorW
wsprintfW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetMenuStringW
InsertMenuW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
WinHelpW
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxW
TrackPopupMenuEx
TrackPopupMenu
SetScrollPos
GetMenu
PostMessageW
GetMenuItemID
AdjustWindowRectEx
EqualRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExW
CallNextHookEx
IsWindowVisible
GetKeyState
ValidateRect
ReleaseDC
GetDC
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMessageW
ReleaseCapture
SetCapture
GetCapture
LoadStringW
LockWindowUpdate
UnregisterClassW
RegisterWindowMessageW
SetForegroundWindow
UpdateWindow
BringWindowToTop
DrawFocusRect
GetFocus
LoadBitmapW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
DestroyIcon
GetDCEx
WindowFromPoint
FindWindowW
CopyRect
SetClipboardData
EmptyClipboard
OpenClipboard
RemoveMenu
GetMenuItemCount
EnableMenuItem
AppendMenuW
CloseClipboard
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
LoadIconW
LoadCursorW
PostThreadMessageW
GetCursorPos
GetClassInfoW
RegisterClassW
KillTimer
SetTimer
PtInRect
MsgWaitForMultipleObjects
CharUpperW
SetRect
MessageBeep
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
GetDesktopWindow
RedrawWindow
LoadMenuW
ModifyMenuW
GetSubMenu
SetMenuDefaultItem
DeleteMenu
OffsetRect
GetSysColor
GetParent
InvalidateRect
ScreenToClient
ClientToScreen
DrawEdge
InflateRect
IsWindow
EnableWindow
HideCaret
GetClientRect
GetWindowRect
SendMessageW
GetScrollPos
gdi32
GetMapMode
GetTextExtentPoint32W
StretchDIBits
GetCharWidthW
CreateFontW
GetTextMetricsW
EnumFontFamiliesExW
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
CreateRectRgn
SelectClipRgn
DeleteObject
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetRectRgn
CreateFontIndirectW
CreateSolidBrush
CreatePen
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
CreateCompatibleBitmap
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
PatBlt
CreateRectRgnIndirect
Ellipse
GetDeviceCaps
Pie
GetPixel
GetObjectW
SetPixel
BitBlt
Rectangle
CreateCompatibleDC
GetViewportExtEx
comdlg32
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
ChooseColorW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
GetUserNameW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegSetValueW
RegOpenKeyW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyW
RegCloseKey
shell32
DragFinish
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHFileOperationW
ExtractIconW
DragQueryFileW
ShellExecuteW
SHBrowseForFolderW
SHGetFileInfoW
comctl32
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_Duplicate
ord8
ord17
ImageList_Destroy
PropertySheetW
DestroyPropertySheetPage
ImageList_AddMasked
CreatePropertySheetPageW
shlwapi
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
Sections
.text Size: 440KB - Virtual size: 439KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ