Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-23_ee0027314bf8c2891600c819cdb858f3_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-23_ee0027314bf8c2891600c819cdb858f3_icedid.exe
Resource: win10v2004-20240221-en
General
Target: 2024-02-23_ee0027314bf8c2891600c819cdb858f3_icedid
Size: 26.6MB
MD5: ee0027314bf8c2891600c819cdb858f3
SHA1: b2fffc26297d1cf0aca92ea2d82b485e304ea801
SHA256: c83cf90dd5258dc7dfb1046aaa00522099b6abc92f8895a153b875572d5c02b7
SHA512: e99260696645979549d791dee597e846e962230b9fd947e341604255e0f85b1019a156c71145f27cb82e624c86b26d7089e1a24da74e96a47417c8f794cea43f
SSDEEP: 393216:mORqH+1q61EB35WATzrNPng6E8n7LrQvpGeUdZGzf2rL/5sQhwAEZL1+We8xET0:mORqH961E9Ti6Xn7wRGdkzc/+WvQoiEY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-02-23_ee0027314bf8c2891600c819cdb858f3_icedid
Files
2024-02-23_ee0027314bf8c2891600c819cdb858f3_icedid.exe windows:5 windows x86 arch:x86
55ac06973688769c47e16c23a6a9721d
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileSizeEx
GetSystemDirectoryW
GetStartupInfoW
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetCPInfo
GetDriveTypeA
FindFirstFileA
RtlUnwind
GetConsoleCP
GetConsoleMode
ExitThread
CreateThread
ExitProcess
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
TlsFree
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetProcessHeap
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
FileTimeToDosDateTime
IsProcessorFeaturePresent
InterlockedCompareExchange
VirtualFree
GlobalFlags
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GetProfileIntW
GlobalReAlloc
FindNextFileW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
SetThreadPriority
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
lstrlenA
lstrcmpA
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
FormatMessageW
LocalFree
SetFileAttributesA
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
IsDBCSLeadByte
CreateFileMappingW
GlobalFree
GetCurrentProcessId
TerminateProcess
SetFilePointer
GetVersionExW
GetExitCodeProcess
CreateProcessW
CompareFileTime
GetPrivateProfileStringW
WritePrivateProfileStringW
GetDiskFreeSpaceExW
MoveFileExW
SetErrorMode
CreateDirectoryW
CopyFileW
WriteFile
GetFileSize
RemoveDirectoryW
GetFileAttributesW
SetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
GetSystemTimeAsFileTime
ReadFile
CreateFileW
SystemTimeToFileTime
GetLocalTime
IsBadReadPtr
SetFileAttributesW
Sleep
SuspendThread
ResetEvent
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateEventW
GetTempPathW
CloseHandle
ReleaseMutex
CreateMutexW
GetPrivateProfileIntW
GetLongPathNameW
GetCommandLineW
LoadLibraryExW
MultiByteToWideChar
lstrcmpiW
FreeLibrary
DeleteFileW
lstrcmpW
MulDiv
FlushInstructionCache
GetCurrentProcess
RaiseException
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
lstrcpynW
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetSystemInfo
WideCharToMultiByte
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
GetShortPathNameW
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
GetTickCount
user32
TranslateAcceleratorW
CharUpperW
LoadMenuW
InflateRect
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
SetScrollRange
SetScrollPos
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CreatePopupMenu
EnableMenuItem
CheckMenuItem
GetMenuState
DrawStateW
SystemParametersInfoW
MonitorFromPoint
GetMonitorInfoW
MonitorFromWindow
GetAsyncKeyState
DrawIconEx
EqualRect
DispatchMessageW
TranslateMessage
WaitForInputIdle
CallNextHookEx
LoadIconW
UnhookWindowsHookEx
SetWindowsHookExW
SetForegroundWindow
FindWindowW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
SetFocus
GetWindow
GetDlgItem
GetClassNameW
CharNextW
SendMessageW
InvalidateRect
UnregisterClassA
PostMessageW
GetWindowRect
GetClassInfoExW
CreateWindowExW
CreateAcceleratorTableW
MoveWindow
FillRect
InvalidateRgn
CallWindowProcW
DestroyAcceleratorTable
GetWindowLongW
SetWindowLongW
DefWindowProcW
RegisterClassExW
DestroyWindow
ShowWindow
ShowCaret
GetCaretPos
GetSubMenu
GetMenuItemID
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
GetMenuItemInfoW
ValidateRect
GetMessageW
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
GetSysColorBrush
UnregisterClassW
CopyAcceleratorTableW
GetMenuItemCount
SetWindowPos
GetDlgCtrlID
GetNextDlgGroupItem
PostThreadMessageW
SetCursorPos
ModifyMenuW
MessageBeep
ClipCursor
SetCapture
SetCursor
LoadCursorW
DestroyMenu
GetCursorPos
PeekMessageW
SetRect
ReleaseCapture
IsRectEmpty
GetClientRect
LoadBitmapW
EnableWindow
GetDC
ReleaseDC
GetSystemMetrics
OffsetRect
IsWindowVisible
SetClassLongW
SetTimer
WindowFromPoint
KillTimer
RegisterClipboardFormatW
PtInRect
ScreenToClient
ClientToScreen
GetParent
SetWindowRgn
UpdateWindow
IntersectRect
CopyRect
DrawFocusRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsClipboardFormatAvailable
IsIconic
GetClassLongW
GetDesktopWindow
GetKeyState
UnionRect
GetSysColor
IsWindowEnabled
SetRectEmpty
BringWindowToTop
RedrawWindow
IsWindow
PostQuitMessage
GetFocus
GetClipboardData
gdi32
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SetViewportExtEx
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetMapMode
OffsetViewportOrgEx
SetViewportOrgEx
ExtTextOutW
Escape
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
IntersectClipRect
DeleteObject
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateFontW
GetCharWidthW
CreateBitmap
CreateDCW
CopyMetaFileW
SetBitmapBits
GetBitmapBits
CreateDIBitmap
Ellipse
Rectangle
PatBlt
StretchDIBits
SetDIBColorTable
CreateDIBSection
SetStretchBltMode
GetPixel
CreateSolidBrush
GetDeviceCaps
CreateRoundRectRgn
CreatePolygonRgn
OffsetRgn
ExtCreateRegion
GetRegionData
CreateRectRgnIndirect
CreatePen
GetTextExtentPoint32W
CombineRgn
CreateRectRgn
CreateCompatibleBitmap
CreateFontIndirectW
BitBlt
GetStockObject
CreateCompatibleDC
GetDIBColorTable
StretchBlt
SelectObject
DeleteDC
GetObjectW
ExcludeClipRect
msimg32
TransparentBlt
AlphaBlend
comdlg32
ChooseColorW
ChooseFontW
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegCloseKey
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
shell32
DragFinish
DragAcceptFiles
DragQueryFileW
ShellExecuteA
CommandLineToArgvW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
ExtractAssociatedIconW
ShellExecuteW
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathRemoveExtensionW
PathRemoveFileSpecW
PathStripPathW
PathFindExtensionW
AssocQueryStringW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
UrlUnescapeW
ole32
CreateStreamOnHGlobal
StringFromGUID2
CLSIDFromString
OleInitialize
CoTaskMemAlloc
CoGetClassObject
OleLockRunning
CoTaskMemFree
CoTaskMemRealloc
CoSetProxyBlanket
ReleaseStgMedium
OleDuplicateData
CoUninitialize
CoInitializeEx
CoFreeUnusedLibraries
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
CLSIDFromProgID
oleaut32
LoadTypeLi
VariantClear
VariantInit
SysAllocStringLen
VarUI4FromStr
VariantChangeType
VariantCopy
LoadRegTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
SysFreeString
SysAllocString
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipSaveImageToFile
GdipDrawImageRectRectI
GdipCreateImageAttributes
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipCreateLineBrushFromRectI
GdipDeleteBrush
GdipCreateBitmapFromFile
GdipFillRectangleI
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromStream
GdiplusStartup
GdiplusShutdown
GdipGetImageWidth
imagehlp
MakeSureDirectoryPathExists
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
sensapi
IsNetworkAlive
winmm
PlaySoundW
ws2_32
gethostbyname
WSAStartup
WSACleanup
wininet
HttpOpenRequestW
InternetOpenUrlW
InternetConnectW
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
HttpAddRequestHeadersW
InternetErrorDlg
InternetCrackUrlW
InternetQueryDataAvailable
InternetQueryOptionW
InternetSetOptionExW
InternetOpenW
InternetCanonicalizeUrlW
Sections
.text Size: 2.6MB - Virtual size: 2.6MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 277KB - Virtual size: 276KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 2.0MB - Virtual size: 2.0MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 809KB - Virtual size: 809KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ