2024-02-25_b704e878c696a379b76f752c43bc6d71_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-25_b704e878c696a379b76f752c43bc6d71_icedid
Size

1.9MB
MD5

b704e878c696a379b76f752c43bc6d71
SHA1

78eca571d0cb022e792af91ab2f6c9d5e6605f4a
SHA256

fbe768d9865d35b28cf211adace30b4738f098251dbf9b88b3c553835750bd5f
SHA512

e8237b116e77db0e5d54a12409c4457730edec3ce059bedd1417f13be39da25315df1019ab6103bddfc732bf4014ba48e84f54f0577803729c84073d314ad059
SSDEEP

49152:FlbbI4ru5TtXh1bvPXcqa1Ae2uN3BhDi2Ftx+j3pW+vJT9ZyJ:vIKuRtXhxvEqxe2uN3BhOQt0TEU+J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-25_b704e878c696a379b76f752c43bc6d71_icedid

Files

2024-02-25_b704e878c696a379b76f752c43bc6d71_icedid
.exe windows:5 windows x86 arch:x86

7b2befe008710db50df6ad5b43c36a8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Construct Compile\Runtime\PreviewRelease.pdb

Imports

dinput8

DirectInput8Create

kernel32

WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
CreateFileA
WriteFile
CloseHandle
SetCurrentDirectoryA
DeleteFileA
SearchPathA
GetTempPathA
GetLongPathNameA
GetTempFileNameA
CreateDirectoryA
GetLastError
FreeResource
GetModuleHandleA
FreeLibrary
GetSystemInfo
GetModuleFileNameA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
LocalAlloc
LocalFree
InterlockedExchange
RaiseException
lstrlenA
MulDiv
MultiByteToWideChar
lstrlenW
CompareStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
VirtualFree
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetStdHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
FormatMessageA
WritePrivateProfileStringA
SetStdHandle
ExitProcess
GlobalSize
CopyFileA
GlobalFree
CreateThread
ExitThread
HeapSize
HeapReAlloc
VirtualQuery
VirtualAlloc
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
RemoveDirectoryA
GetSystemTimeAsFileTime
FindResourceExA
VirtualProtect
GetProfileIntA
GetTickCount
lstrcpyA
GetSystemDirectoryW
LoadLibraryW
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
WaitForSingleObject
ResumeThread
SetLastError
SetThreadPriority
GlobalFlags
FileTimeToSystemTime
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA

user32

FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
SetClassLongA
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
SetWindowRgn
IsZoomed
SetCapture
LockWindowUpdate
UnionRect
SetParent
GetSystemMenu
IsRectEmpty
MapVirtualKeyA
GetKeyNameTextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
WindowFromPoint
KillTimer
SetTimer
UnpackDDElParam
ReuseDDElParam
LoadMenuA
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
DeleteMenu
ShowOwnedPopups
InvalidateRect
SetRectEmpty
CharUpperA
DestroyIcon
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMessageA
GetActiveWindow
ValidateRect
GetDesktopWindow
ClientToScreen
DestroyMenu
GetMenuItemInfoA
InflateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetUpdateRect
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetDC
ReleaseDC
GetSysColorBrush
IsWindowEnabled
MoveWindow
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
EnableWindow
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
PtInRect
GetMenuDefaultItem
CopyImage
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
GetIconInfo
IsCharLowerA
MapVirtualKeyExA
SubtractRect
GetDlgCtrlID
SendMessageA
CallWindowProcA
GetMenu
GetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetMenuState
GetNextDlgGroupItem
GetWindowRgn
DrawIcon
DestroyCursor
LoadBitmapA
MapDialogRect
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetWindowTextA
ShowWindow
SetWindowPos
DispatchMessageA
TranslateMessage
PeekMessageA
LoadStringA
SetRect
SetWindowLongA
CreateWindowExA
RegisterClassExA
GetSystemMetrics
LoadIconA
DestroyWindow
GetClientRect
EnumDisplaySettingsA
SetMenu
LoadCursorA
SetCursor
SetWindowTextA
MessageBoxA
GetAsyncKeyState
LoadImageA
GetWindowRect
DefWindowProcA
ScreenToClient
GetCursorPos
AppendMenuA
CreatePopupMenu
GetSysColor
PostQuitMessage

gdi32

SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateCompatibleBitmap
CreateRectRgnIndirect
SetRectRgn
CombineRgn
SetTextAlign
DPtoLP
GetBkColor
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateDIBSection
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileA
GetDeviceCaps
PatBlt
DeleteObject

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA

shell32

SHFileOperationA
SHGetFileInfoA
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHAppBarMessage

comctl32

ord17
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveFileSpecW

winmm

PlaySoundA

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoInitializeEx
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleCreateMenuDescriptor

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b2befe008710db50df6ad5b43c36a8b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dinput8

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

winmm

ole32

oleaut32

gdiplus

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 343KB - Virtual size: 343KB

.data Size: 25KB - Virtual size: 61KB

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 343KB - Virtual size: 343KB

.data
Size: 25KB - Virtual size: 61KB

.rsrc
Size: 63KB - Virtual size: 62KB