2024-02-18_bc15e25845f2955a5d554ae1e5006cd6_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-18_bc15e25845f2955a5d554ae1e5006cd6_icedid
Size

1.1MB
MD5

bc15e25845f2955a5d554ae1e5006cd6
SHA1

a694771987cd4d1b2425179f9278076109282f29
SHA256

2fd5e33046b43abace957991d10ccfcdf0cbe7061fc37f3b8910e95a2f9c39be
SHA512

5bb7d9c68dce8c12f7ba4d28b9ea92b9faca42044e9f2b08e2607f061f426f513f1a7414e510c4fff18365ac56a37f6a22f1aabb87df2ba9c52b5b2fc901ef6c
SSDEEP

24576:B350tmLUkffJaW+ui74+2o9MAMDsf3pZt1I:BzaW+uOXusZZX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-18_bc15e25845f2955a5d554ae1e5006cd6_icedid

Files

2024-02-18_bc15e25845f2955a5d554ae1e5006cd6_icedid
.exe windows:4 windows x86 arch:x86

b486e19e5306a76d8016eecad19e54f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\dev\my46bouncer\46bouncer\46BncGUI.pdb

Imports

ws2_32

getnameinfo
getsockname
getpeername
shutdown
closesocket
WSACleanup
WSAStartup
WSAGetLastError
ntohl
getaddrinfo
listen
freeaddrinfo
bind
setsockopt
socket
ntohs
accept
recvfrom
recv
connect
sendto
send

iphlpapi

GetAdaptersAddresses

kernel32

OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FileTimeToLocalFileTime
lstrcpynW
OutputDebugStringW
lstrcpyW
OpenEventA
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetEnvironmentVariableW
GetVersion
MultiByteToWideChar
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenW
WideCharToMultiByte
GetStringTypeExW
GetModuleFileNameW
GetStringTypeExA
lstrcmpiW
lstrcmpiA
lstrlenA
GetLastError
IsBadStringPtrA
FindResourceA
SizeofResource
LockResource
LoadResource
CreateThread
ExitThread
ResumeThread
TerminateThread
SuspendThread
Sleep
WaitForSingleObject
FormatMessageA
CreateSemaphoreA
CloseHandle
ReleaseSemaphore
GetCurrentThreadId
CreateEventA
ResetEvent
SetEnvironmentVariableA
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetDateFormatA
GetTimeFormatA
IsBadCodePtr
GetProcessHeap
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapAlloc
SetConsoleCtrlHandler
FatalAppExitA
GetFileType
SetStdHandle
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
HeapValidate
VirtualQuery
GetSystemInfo
VirtualAlloc
RtlUnwind
OutputDebugStringA
GetStdHandle
DebugBreak
FindResourceExA
GetDiskFreeSpaceA
GetTempFileNameA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileAttributesA
LocalLock
LocalUnlock
SystemTimeToFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetProfileIntA
VirtualProtect
GetShortPathNameA
SetEvent
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
IsBadReadPtr
IsBadWritePtr
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
TlsAlloc
InitializeCriticalSection
LocalAlloc
SetErrorMode
GlobalFlags
InterlockedIncrement
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
RaiseException
DeleteCriticalSection
lstrcatA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetThreadPriority
SetThreadPriority
FreeResource
GlobalAddAtomA
SetLastError
MulDiv
GlobalFree
CopyFileA
GlobalSize
GlobalUnlock
lstrcpynA
LocalFree
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetCurrentThread
lstrcpyA
LoadLibraryA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA

user32

LoadAcceleratorsA
GetWindowThreadProcessId
WaitMessage
ReleaseCapture
MapVirtualKeyA
GetKeyNameTextA
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
ModifyMenuA
InsertMenuItemA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
GetClassInfoA
RegisterClassA
UnregisterClassA
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
OpenIcon
TranslateAcceleratorA
LoadIconA
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
IsChild
GetTopWindow
GetWindow
MsgWaitForMultipleObjects
IsWindowUnicode
GetMessageW
DispatchMessageW
SubtractRect
UnionRect
InflateRect
SetRect
PtInRect
IsRectEmpty
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
SetCapture
GetCapture
KillTimer
SetTimer
DrawCaption
DestroyMenu
ReuseDDElParam
UnpackDDElParam
DestroyIcon
GetClipboardFormatNameA
GetAsyncKeyState
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
DragDetect
EndDialog
GetDesktopWindow
SetRectEmpty
GetDialogBaseUnits
IsClipboardFormatAvailable
MessageBeep
CloseWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
TabbedTextOutA
PostMessageA
IsWindow
MapDialogRect
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
GetFocus
GetKeyState
CallNextHookEx
PeekMessageA
GetCursorPos
SetWindowsHookExA
ValidateRect
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
SendMessageA
MessageBoxA
SetCursor
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
wsprintfA
PostQuitMessage
GetSystemMetrics
CharUpperA
CharUpperW
CharLowerA
CharLowerW
DrawIcon

gdi32

GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
GetStockObject
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
StretchDIBits
EnumFontFamiliesExA
UnrealizeObject
GetObjectType
CreatePen
CreatePenIndirect
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateBrushIndirect
CreatePatternBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateFontA
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
GetBkMode
RectInRegion
CreateICA
CreateCompatibleDC
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
SelectObject
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
AbortDoc

comdlg32

PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
ChooseColorA
ReplaceTextA
FindTextA
PageSetupDlgA
CommDlgExtendedError

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetJobA

advapi32

OpenThreadToken
SetThreadToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
SetFileSecurityA
GetFileSecurityA
RevertToSelf

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles

comctl32

ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_SetImageCount
ImageList_SetDragCursorImage
ImageList_Read
ImageList_Merge
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord13
ord8
ord17
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_SetBkColor
ImageList_DrawEx
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_AddMasked
ImageList_Add
ImageList_GetImageCount
ord14
ImageList_Copy
ImageList_GetBkColor
ImageList_Write

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathIsUNCA
PathFindExtensionA
PathStripToRootA

ole32

OleDuplicateData
CoCreateInstance
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
OleRun
CoTaskMemAlloc
CreateBindCtx
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
CoDisconnectObject
ReleaseStgMedium
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
CoRevokeClassObject
CoRegisterClassObject
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg

oleaut32

SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SysAllocString
VariantCopy
SafeArrayCreate
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayGetDim
SysStringByteLen
SysAllocStringByteLen
DosDateTimeToVariantTime
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
LoadTypeLi
VariantTimeToSystemTime
VarUdateFromDate
SystemTimeToVariantTime
VarDateFromUdate

Sections

.text
Size: 856KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b486e19e5306a76d8016eecad19e54f2

Headers

File Characteristics

PDB Paths

Imports

ws2_32

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 856KB - Virtual size: 852KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 856KB - Virtual size: 852KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 20KB - Virtual size: 19KB