Static task
static1
Behavioral task
behavioral1
Sample
2024-03-05_48a216da819a652ab08c85395c418e31_icedid.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-05_48a216da819a652ab08c85395c418e31_icedid.exe
Resource
win10v2004-20240226-en
General
Target: 2024-03-05_48a216da819a652ab08c85395c418e31_icedid
Size: 1.4MB
MD5: 48a216da819a652ab08c85395c418e31
SHA1: b7634c1177761186c5b025249af06adc36ff4b3d
SHA256: 070a7384fa3b5a3a5123769553b68ca7e9640fdb183b4cd2b3b2726a808e8f84
SHA512: 6b0b25ebc0f3ceee51bb3120a1c1a7ef71373723e336261d5d0525627764966200276e6387e1d4d317a131a099c408e5d0b114622a438172d49a41c6717ad5ce
SSDEEP: 24576:dsRsJ3VHpain+TH6+r62tyIaOMVI5kZicz+p:9zJai+m+rpty3OpkZbS
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 2024-03-05_48a216da819a652ab08c85395c418e31_icedid
Files
2024-03-05_48a216da819a652ab08c85395c418e31_icedid.exe (windows:4, windows, x86, arch:x86)
5c3c0f6a7b0241ca9ce2a992480cb4ec
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
bmaframe
CreateXmlConfigParse
CreateBMAFramework
kernel32
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetVersionExA
GetEnvironmentVariableA
UnhandledExceptionFilter
GetStringTypeW
GetCPInfo
CompareStringA
CompareStringW
SetEnvironmentVariableW
GetDriveTypeA
GetACP
GetOEMCP
SetEnvironmentVariableA
HeapSize
GlobalFlags
HeapReAlloc
TerminateProcess
HeapFree
GetFileType
SetStdHandle
GetLocalTime
HeapAlloc
RaiseException
RtlUnwind
GetSystemTime
GetTimeZoneInformation
ExitProcess
GetStartupInfoW
FindResourceExW
GetCurrentDirectoryW
LocalFileTimeToFileTime
SetErrorMode
SystemTimeToFileTime
LocalReAlloc
GetProcessVersion
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
LocalAlloc
GlobalHandle
TlsAlloc
IsBadCodePtr
GetStringTypeA
SizeofResource
lstrcatW
IsBadReadPtr
IsBadWritePtr
GetModuleFileNameA
GetFileTime
lstrlenA
FindNextFileW
CreateEventW
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
Sleep
SetEvent
CreateThread
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileSectionW
FindFirstFileW
FindClose
GetPrivateProfileStringW
GetFileAttributesW
SetFileAttributesW
WritePrivateProfileStringW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteFileW
RemoveDirectoryW
GetTickCount
GetTempPathW
CreateDirectoryW
GetLastError
WriteFile
GetFileSize
ReadFile
CreateFileW
CloseHandle
GetModuleFileNameW
GetPrivateProfileIntW
GlobalGetAtomNameW
GetDiskFreeSpaceW
lstrcmpW
GetProfileStringA
GlobalAddAtomA
FindResourceA
SetFileTime
GetTempFileNameW
lstrcmpiA
GlobalAlloc
lstrcmpA
GetCurrentThread
MulDiv
GetThreadLocale
GetShortPathNameW
lstrcmpiW
GetVolumeInformationW
GetStringTypeExW
GetFullPathNameW
SetEndOfFile
LoadLibraryW
MoveFileW
FlushFileBuffers
UnlockFile
LockFile
DuplicateHandle
SetFilePointer
GetCurrentProcess
FileTimeToSystemTime
SetLastError
FileTimeToLocalFileTime
GetModuleHandleA
FormatMessageW
LocalFree
GetVersion
LoadLibraryA
FreeLibrary
GlobalFindAtomW
GetCurrentThreadId
GlobalAddAtomW
GetProcAddress
GlobalDeleteAtom
GetModuleHandleW
GlobalFree
GlobalLock
GlobalUnlock
LoadResource
LockResource
FindResourceW
lstrcpyW
lstrcpynW
lstrlenW
VirtualAlloc
user32
CopyAcceleratorTableW
DestroyIcon
GetMenuStringW
DeleteMenu
InsertMenuW
LockWindowUpdate
GetDCEx
GetSysColorBrush
LoadCursorW
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
TranslateAcceleratorW
LoadAcceleratorsW
LoadStringW
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
ValidateRect
GetCursorPos
WindowFromPoint
SetRectEmpty
GrayStringW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MapDialogRect
GetAsyncKeyState
CharUpperW
ShowWindow
MoveWindow
IsDialogMessageW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgGroupItem
CharNextW
SendDlgItemMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetTopWindow
MessageBoxW
IsChild
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthW
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
IntersectRect
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
SetParent
RegisterClipboardFormatW
EnableMenuItem
SendDlgItemMessageW
GetDlgCtrlID
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
DrawIcon
GetDesktopWindow
PtInRect
GetMessagePos
ScreenToClient
GetCapture
ReleaseCapture
MapWindowPoints
OffsetRect
SetCapture
GetSystemMetrics
DrawFrameControl
DrawFocusRect
GetDC
ReleaseDC
GetWindow
GetClassNameW
LoadImageW
FrameRect
IsRectEmpty
GetWindowTextW
EnumWindows
GetMessageW
PostThreadMessageW
PeekMessageW
SetMenu
GetKeyState
MessageBeep
TranslateMessage
DispatchMessageW
SetRect
GetCaretPos
keybd_event
KillTimer
SetTimer
GetSysColor
CopyRect
InflateRect
wsprintfW
UpdateWindow
PostMessageW
GetFocus
FillRect
GetClientRect
GetParent
DrawTextW
LoadBitmapW
GetWindowRect
EnableWindow
InvalidateRect
LoadIconW
SendMessageW
WinHelpW
SetWindowTextW
DefWindowProcA
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
GetClassInfoA
DefDlgProcA
GetPropA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
gdi32
CreateCompatibleDC
GetObjectW
BitBlt
SelectObject
SetBkMode
LineTo
CreateDIBitmap
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetDeviceCaps
CreatePatternBrush
PtVisible
RectVisible
Escape
PatBlt
TextOutW
StretchDIBits
GetCharWidthW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
EnumFontFamiliesExW
IntersectClipRect
GetBkColor
LPtoDP
GetTextColor
CreateSolidBrush
SetTextColor
ExcludeClipRect
SelectClipRgn
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetMapMode
SetViewportOrgEx
RestoreDC
SaveDC
GetStockObject
CreateBitmap
SetBkColor
CreateFontW
GetClipBox
Rectangle
ExtTextOutW
CreateDIBSection
GetTextMetricsW
CreateCompatibleBitmap
CreatePen
DeleteObject
GetTextExtentPoint32W
DeleteDC
MoveToEx
ExtTextOutA
GetTextExtentPointA
CreateFontIndirectW
ScaleWindowExtEx
comdlg32
GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegSetValueW
CryptReleaseContext
RegCreateKeyW
RegQueryValueExW
SetFileSecurityW
RegCloseKey
RegEnumValueW
RegOpenKeyExW
CryptAcquireContextW
GetFileSecurityW
RegDeleteValueW
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
shell32
ExtractIconW
DragQueryFileW
SHGetFileInfoW
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
comctl32
ImageList_DragEnter
ord17
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Draw
ImageList_DrawEx
ImageList_BeginDrag
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
oledlg
OleUIBusyW
ole32
CLSIDFromProgID
CoUninitialize
OleInitialize
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CLSIDFromString
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleRun
olepro32
ord253
oleaut32
SysStringLen
VariantTimeToSystemTime
SysAllocString
SysAllocStringLen
VariantCopy
VariantChangeType
SysFreeString
VariantClear
VariantInit
GetErrorInfo
Sections
.text Size: 400KB - Virtual size: 397KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 204KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 744KB - Virtual size: 740KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ