Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-17_9f866d2818d5a9ea2f4f9dcefd1e597f_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-17_9f866d2818d5a9ea2f4f9dcefd1e597f_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-02-17_9f866d2818d5a9ea2f4f9dcefd1e597f_icedid
Size: 1.8MB
MD5: 9f866d2818d5a9ea2f4f9dcefd1e597f
SHA1: f54314e2c6a8081658d51ce84b1a4dcf8c227829
SHA256: d7da06d583383db8ccf571b3252e64352fbc64f65deecc48476151447249c79d
SHA512: 1560ec8c73098925776d2ba949399226c4ad0eebbfcbca66c4caeff4ad910975181a16b9a8f3a511464f4f784d3663385af3e8074cf13432d9dc9e29d2f9db85
SSDEEP: 49152:kT9TvaGec09B467Qc2jDObEgfKMx+takZLTxuu:kZvaGeVB4q2Hkz9x+gI
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2024-02-17_9f866d2818d5a9ea2f4f9dcefd1e597f_icedid
Files
2024-02-17_9f866d2818d5a9ea2f4f9dcefd1e597f_icedid.exe windows:5 windows x86 arch:x86
  04bbf9899a9587c2a27e897f4a4c98fc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
UuidCreate
UuidToStringW
kernel32
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
SizeofResource
LockResource
GetProcessHeap
InterlockedCompareExchange
LoadResource
FindResourceW
VirtualAlloc
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
SetLastError
GetLastError
CompareStringW
WideCharToMultiByte
lstrlenA
lstrcmpA
GlobalUnlock
lstrcpynA
GlobalLock
GlobalAlloc
lstrcpynW
MulDiv
lstrcmpW
ExpandEnvironmentStringsW
CopyFileW
InterlockedDecrement
GetUserDefaultLCID
lstrlenW
lstrcmpiW
CloseHandle
WriteFile
CreateFileW
Sleep
ReadFile
GetFileSize
LoadLibraryExW
lstrcpyW
GetWindowsDirectoryW
WinExec
lstrcatW
IsBadReadPtr
GetCurrentProcess
GetModuleFileNameA
GetModuleFileNameW
SearchPathW
GetVersion
GetCurrentDirectoryW
GetDriveTypeW
GetFullPathNameW
GlobalFree
LocalAlloc
LocalFree
InterlockedExchange
LoadLibraryA
RaiseException
HeapSize
ExitProcess
GetFileType
SetStdHandle
HeapReAlloc
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
GetSystemDirectoryW
SetErrorMode
FindResourceExW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
FindNextFileW
InterlockedIncrement
GetFileSizeEx
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDiskFreeSpaceW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalGetAtomNameW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
GetProfileIntW
GetTickCount
GetCurrentProcessId
GetModuleHandleA
VirtualProtect
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExA
GetVersionExW
GlobalSize
FormatMessageW
user32
ValidateRect
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
TranslateAcceleratorW
TranslateMDISysAccel
BringWindowToTop
DefMDIChildProcW
DefFrameProcW
CharUpperW
DrawIcon
GetWindowThreadProcessId
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
MapDialogRect
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
SetWindowsHookExW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
GetScrollPos
SetForegroundWindow
MessageBoxW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
CallWindowProcW
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
SetFocus
GetMenuState
GetMessageW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
ShowScrollBar
SetScrollRange
GetScrollRange
SetScrollPos
PeekMessageW
UnionRect
CreateWindowExW
DestroyWindow
DestroyMenu
TrackPopupMenuEx
DefWindowProcW
GetWindowTextW
ChildWindowFromPoint
IsWindowEnabled
WindowFromPoint
SetWindowRgn
SetRectEmpty
GetClassNameW
DestroyCursor
LoadImageW
CreateIconIndirect
GetIconInfo
CopyIcon
CopyImage
MessageBoxA
RegisterClipboardFormatW
DestroyIcon
KillTimer
ShowWindow
EqualRect
IsWindowVisible
DrawMenuBar
InsertMenuItemW
CreatePopupMenu
EnableWindow
SendMessageW
CopyRect
InflateRect
GetClipboardData
SetWindowLongW
RemoveMenu
IsClipboardFormatAvailable
DeferWindowPos
GetSysColorBrush
GetClassLongW
BeginDeferWindowPos
EndDeferWindowPos
GetWindow
GetDCEx
IsRectEmpty
GetCursorPos
GetKeyState
TranslateMessage
DispatchMessageW
LockWindowUpdate
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
GetMenuItemInfoW
DeleteMenu
GetSystemMenu
CharNextW
UnregisterClassW
SetActiveWindow
GetActiveWindow
RegisterWindowMessageW
LoadMenuW
GetSubMenu
SetMenuDefaultItem
GetWindowLongW
GrayStringW
DrawTextExW
DrawTextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageW
GetMenuStringW
FrameRect
DrawFocusRect
GetSysColor
FillRect
GetClientRect
InvalidateRect
MessageBeep
SetRect
OffsetRect
DrawEdge
DrawFrameControl
GetWindowRect
RedrawWindow
GetParent
IsWindow
GetSystemMetrics
PtInRect
GetCapture
SetCapture
ReleaseCapture
GetMessagePos
SystemParametersInfoW
GetDlgItem
LoadIconW
GetWindowDC
ReleaseDC
GetClassInfoW
ClientToScreen
ScreenToClient
SetParent
IsCharAlphaW
IsIconic
IsZoomed
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
LoadBitmapW
GetDC
SetTimer
GetFocus
GetDesktopWindow
IsChild
IntersectRect
PostMessageW
SetCursor
LoadCursorW
GetAsyncKeyState
DrawStateW
BeginPaint
EndPaint
UpdateWindow
TabbedTextOutW
CallNextHookEx
gdi32
Escape
GetTextColor
PatBlt
CreateBrushIndirect
DeleteDC
CreateDIBSection
CreateBitmap
CreateHatchBrush
SetMapMode
SelectPalette
CreateDCW
StretchBlt
SetTextJustification
FrameRgn
SelectClipRgn
FillRgn
CombineRgn
SetBkColor
CreateRectRgn
CreatePolygonRgn
CreateRoundRectRgn
OffsetRgn
GetPixel
GetWindowOrgEx
CreateEllipticRgnIndirect
Ellipse
SetPixelV
CopyMetaFileW
CreateRectRgnIndirect
GetClipBox
SaveDC
RestoreDC
ExcludeClipRect
IntersectClipRect
RectVisible
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
LPtoDP
GetCharWidthW
CreateFontW
StretchDIBits
GetRgnBox
BitBlt
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
MoveToEx
LineTo
DeleteObject
SetPixel
GetCurrentObject
EnumFontFamiliesExW
GetTextMetricsW
GetBkColor
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
RealizePalette
GetDeviceCaps
CreatePalette
CreateFontIndirectW
CreatePen
Rectangle
ExtTextOutW
SetBkMode
TextOutW
GetStockObject
SetTextColor
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
SetFileSecurityW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueW
RegSetValueExW
RegCreateKeyExW
RegSetValueW
RegCreateKeyW
GetFileSecurityW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
shell32
DragAcceptFiles
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoW
DragFinish
DragQueryFileW
ExtractIconW
ShellExecuteW
comctl32
ImageList_Duplicate
ImageList_GetIconSize
InitCommonControlsEx
ord17
ImageList_GetIcon
ImageList_GetImageCount
_TrackMouseEvent
shlwapi
PathFindExtensionW
PathRemoveExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathRemoveFileSpecW
StrRetToStrW
oledlg
OleUIBusyW
ole32
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleGetClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
OleFlushClipboard
OleIsCurrentClipboard
RevokeDragDrop
CoLockObjectExternal
CoInitializeEx
OleDuplicateData
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoInitialize
CoUninitialize
CLSIDFromProgID
OleRegGetUserType
ProgIDFromCLSID
ReadClassStm
OleSaveToStream
CoGetClassObject
CoTaskMemFree
StringFromGUID2
OleRun
CoRevokeClassObject
CoRegisterMessageFilter
CoCreateInstance
CreateStreamOnHGlobal
ReleaseStgMedium
oleaut32
VariantChangeType
VariantClear
OleCreatePropertyFrameIndirect
SysStringLen
OleLoadPicture
OleCreatePictureIndirect
VarDateFromStr
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VariantInit
SysFreeString
SysAllocString
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
winmm
PlaySoundW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 342KB - Virtual size: 342KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ