2024-02-20_75bb1e27bf1f775936bd1ab5af894a0f_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-20_75bb1e27bf1f775936bd1ab5af894a0f_icedid
Size

2.8MB
MD5

75bb1e27bf1f775936bd1ab5af894a0f
SHA1

74ea362abfed55b45b9b4f93045fc94491582745
SHA256

16136b8023db1ebd91fee920c76391f591f8df8adec2dadd01caa9fe9f07a22f
SHA512

d39f8419e2c694bd37952595c0565f1fa4c660fe941a159b9f3c598c0150eff71f8bdfc0e53e754a9d5cdae421bbd4b9537f0652e90b989861a4dfda039b8bf8
SSDEEP

24576:Ni1kgv7o/b7mYKqSk/h0MyEf5fEhzXzTEa:6aXhSk/lyEf5f8D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-20_75bb1e27bf1f775936bd1ab5af894a0f_icedid

Files

2024-02-20_75bb1e27bf1f775936bd1ab5af894a0f_icedid
.exe windows:4 windows x86 arch:x86

4d3cc35bc0070efde7f6f5c5caa4ce7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Astel\Projects\LiveViewer\bin\LiveViewer.pdb

Imports

kernel32

FreeEnvironmentStringsA
IsBadWritePtr
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetFileSize
SetFilePointer
GlobalAlloc
MulDiv
GetModuleHandleA
ReadFile
CreateFileA
WriteFile
GlobalLock
GlobalUnlock
FreeResource
GetCPInfo
GetLocalTime
GetExitCodeThread
TerminateThread
GetDiskFreeSpaceExA
GlobalMemoryStatus
GetSystemInfo
FormatMessageA
LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
VirtualFree
HeapCreate
MultiByteToWideChar
Beep
SetFileAttributesA
WritePrivateProfileStringA
HeapDestroy
GetStdHandle
SetHandleCount
GetTimeZoneInformation
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
QueryPerformanceCounter
SetStdHandle
HeapSize
HeapReAlloc
GetCommandLineA
CreateMutexA
GetLastError
ReleaseMutex
CreateDirectoryA
CloseHandle
DeleteCriticalSection
Sleep
GetTickCount
GetLogicalDrives
GetDriveTypeA
GetCurrentDirectoryA
SetCurrentDirectoryA
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
GetPrivateProfileIntA
GetPrivateProfileStringA
DeleteFileA
CopyFileA
WinExec
GetStartupInfoA
RemoveDirectoryA
VirtualQuery
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetFileType
GetSystemTimeAsFileTime
TerminateProcess
CreateThread
ExitThread
RtlUnwind
ExitProcess
SetErrorMode
GetFileTime
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetOEMCP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
RaiseException
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
InterlockedDecrement
SetLastError
GlobalFree
GetModuleFileNameA
LocalAlloc
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
CreatePopupMenu
CreateMenu
DrawEdge
FillRect
LoadBitmapA
CopyRect
SetRect
GetSysColor
GetParent
GetKeyState
GetCapture
CharUpperA
SystemParametersInfoA
SetWindowRgn
GetSystemMetrics
SetTimer
GetWindowRect
DrawIcon
SetForegroundWindow
IsIconic
ReleaseDC
ModifyMenuA
GetSubMenu
GetMenuState
AppendMenuA
GetDC
GetMenuItemCount
LoadImageA
GetClientRect
KillTimer
wsprintfA
FindWindowA
RedrawWindow
EnableWindow
CheckMenuItem
EnableMenuItem
ClientToScreen
ScreenToClient
SetCapture
LoadCursorA
LoadIconA
SendMessageA
GetCursorPos
SetCursor
GetMenuItemID
SetWindowPos
PeekMessageA
TranslateMessage
GetMessageA
DispatchMessageA
GetFocus
SetFocus
GetDlgCtrlID
UpdateWindow
IntersectRect
FrameRect
InflateRect
MessageBoxA
OffsetRect
PtInRect
GetMenuStringA
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
UnhookWindowsHookEx
GetWindow
GetWindowPlacement
SetWindowLongA
CallWindowProcA
DefWindowProcA
UnregisterClassA
RegisterClassA
GetClassInfoA
DeferWindowPos
EqualRect
AdjustWindowRectEx
GetMenu
IsWindowVisible
GetScrollPos
TrackPopupMenu
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
IsChild
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
WinHelpA
RegisterWindowMessageA
DestroyIcon
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowDC
BeginPaint
EndPaint
WindowFromPoint
PostQuitMessage
ValidateRect
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
DestroyMenu
SetRectEmpty
CharNextA
IsRectEmpty
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
GetDCEx
LockWindowUpdate
SetParent
PostMessageA
InvalidateRect
DrawFocusRect
GetMenuItemInfoA
GetSysColorBrush
DrawIconEx
ReleaseCapture

gdi32

GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateDIBSection
GetTextExtentPoint32W
Escape
ExtTextOutA
RectVisible
PtVisible
PatBlt
Rectangle
Ellipse
GetBkMode
CreateFontIndirectA
DPtoLP
GetDeviceCaps
DeleteDC
CreateSolidBrush
SetBkColor
CreateRoundRectRgn
GetObjectA
SetStretchBltMode
StretchDIBits
LineTo
CreatePen
EndPage
StartPage
StartDocA
ResetDCA
LPtoDP
GetPixel
CreateDCA
SetPixel
EndDoc
GetRgnBox
GetTextColor
CombineRgn
SetRectRgn
GetCharWidthA
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateRectRgn
SelectClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetClipBox
SelectObject
MoveToEx
DeleteObject
CreateFontA
SetBkMode
GetTextExtentPoint32A
SetTextAlign
StretchBlt
SetTextColor
TextOutA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap

comdlg32

PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
GetFileTitleA

advapi32

RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemFree
OleFlushClipboard

oleaut32

SysAllocString
SystemTimeToVariantTime
OleCreateFontIndirect
SafeArrayDestroy
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy

comctl32

ImageList_Destroy
ImageList_GetIconSize
ImageList_Create
ImageList_GetIcon
ImageList_AddMasked
ord17
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_Draw

shlwapi

UrlUnescapeA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ws2_32

recv
recvfrom
WSAStartup
gethostbyname
inet_ntoa
send
shutdown
sendto
connect
listen
setsockopt
__WSAFDIsSet
ntohs
closesocket
accept
socket
select
htons
inet_addr
bind
WSACleanup

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetQueryDataAvailable
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetOpenUrlA

winmm

timeGetTime
timeBeginPeriod
sndPlaySoundA
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
waveInOpen
waveOutGetNumDevs
timeSetEvent
timeKillEvent

gdiplus

GdipDeleteGraphics
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipFree
GdipGetImageGraphicsContext
GdipGetDC
GdipReleaseDC
GdipAlloc
GdipCloneImage
GdiplusStartup
GdipDisposeImage

dsound

ord1

exceptionhandler

??0HPExceptionHandler@@QAE@XZ
?Create@HPExceptionHandler@@QAEJH@Z
??1HPExceptionHandler@@QAE@XZ

ddraw

DirectDrawEnumerateExA
DirectDrawCreate

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

Sections

.text
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d3cc35bc0070efde7f6f5c5caa4ce7b

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

oledlg

ws2_32

wininet

winmm

gdiplus

dsound

exceptionhandler

ddraw

winspool.drv

Sections

.text Size: 624KB - Virtual size: 623KB

.rdata Size: 112KB - Virtual size: 109KB

.data Size: 12KB - Virtual size: 496KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.text
Size: 624KB - Virtual size: 623KB

.rdata
Size: 112KB - Virtual size: 109KB

.data
Size: 12KB - Virtual size: 496KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB