PDB Path: c:\BRS\Current Projects\Biokey\Release\BioKey.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-09_e16a06b5a0f55b151eb9c5a610d40c46_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-09_e16a06b5a0f55b151eb9c5a610d40c46_icedid.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-09_e16a06b5a0f55b151eb9c5a610d40c46_icedid
Size: 4.0MB
MD5: e16a06b5a0f55b151eb9c5a610d40c46
SHA1: 8293c5f89302b7a55276ca475e3a2346ea30b04f
SHA256: c73e2d87ed9bb9c996a93d2c617561ebf5576e4d90086255f70f9a412f645bad
SHA512: 5af18ac14d1fc45337d219b8ee98268d906a644d125547194d7d0c097b8b3b0affcf985c56e3599068739555ff26d9e027b3fef2a5ba54b4c86ee8923fefdbeb
SSDEEP: 24576:jYwvPycaNNpFC/jU9iwZ32rPc/s380pOBBkqtsuV/WI2rM+Fr+L40oVPWI2r+N:8OycMNpFC832rPcE38AOZjyV+LDSy+N
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-03-09_e16a06b5a0f55b151eb9c5a610d40c46_icedid
Files
2024-03-09_e16a06b5a0f55b151eb9c5a610d40c46_icedid.exe windows:4 windows x86 arch:x86
5d1cc4a155e4f7f9d7eca49b9f8945d0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
kernel32
HeapFree
HeapReAlloc
IsBadReadPtr
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapSize
GetFileInformationByHandle
PeekNamedPipe
GetFileType
ExitThread
CreateThread
GetTimeZoneInformation
GetStartupInfoA
GetCommandLineA
TerminateProcess
SetStdHandle
QueryPerformanceCounter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
HeapAlloc
CreateDirectoryA
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersion
MultiByteToWideChar
CompareStringW
CompareStringA
lstrlenW
WideCharToMultiByte
lstrcmpiA
lstrlenA
Sleep
GetModuleFileNameA
GetProcessHeap
GetProcAddress
GetModuleHandleA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetLastError
FreeLibrary
SizeofResource
VirtualQuery
GetSystemInfo
VirtualAlloc
RtlUnwind
ExitProcess
SetErrorMode
FindResourceExA
GetOEMCP
GetCPInfo
GetFileTime
GetFileAttributesA
LocalReAlloc
GlobalHandle
GlobalReAlloc
GlobalFlags
WritePrivateProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
LoadLibraryA
ExpandEnvironmentStringsA
GetPrivateProfileStringA
lstrcpyA
lstrcatA
RaiseException
LockResource
InitializeCriticalSection
DeleteCriticalSection
VirtualProtect
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
SetLastError
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
CreateMutexA
HeapCompact
LocalFree
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
ReleaseSemaphore
CreateSemaphoreA
ResumeThread
WaitForSingleObject
GetCurrentProcessId
DeleteAtom
GlobalAddAtomA
CreateFileA
WriteFile
CloseHandle
GetSystemTime
GetVolumeInformationA
GetWindowsDirectoryA
InterlockedIncrement
FormatMessageA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
GetTickCount
InterlockedDecrement
GetCurrentThreadId
WinExec
user32
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
GetAsyncKeyState
WinHelpA
GetCapture
GetClassInfoExA
IsChild
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
EqualRect
GetClassInfoA
RegisterClassA
IntersectRect
GetWindowPlacement
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetWindowTextLengthA
GetWindowTextA
SetFocus
SystemParametersInfoA
RegisterClipboardFormatA
SetWindowContextHelpId
GetDesktopWindow
CreateDialogIndirectParamA
EndDialog
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
CallNextHookEx
ValidateRect
GetLastActivePopup
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMenuItemCount
PostQuitMessage
BeginDeferWindowPos
DeferWindowPos
GetNextDlgGroupItem
GetClassLongA
GetScrollInfo
MapWindowPoints
GetWindowRgn
IsMenu
AdjustWindowRectEx
CopyIcon
GetKeyState
GetSysColorBrush
SetForegroundWindow
SetMenuDefaultItem
GetWindow
GetClassNameA
DestroyWindow
BeginPaint
EndPaint
TrackPopupMenu
CreateWindowExA
ShowWindow
UpdateWindow
SetWindowPos
GetMessageA
DefWindowProcA
RegisterClassExA
PostThreadMessageA
SetRect
ScreenToClient
GetDC
GetPropA
CallWindowProcA
RemovePropA
GetDlgItem
SetPropA
SetWindowLongA
IsWindow
LoadStringA
GetFocus
MapDialogRect
LoadCursorA
LoadBitmapA
PtInRect
ReleaseDC
GetWindowDC
DrawFrameControl
RedrawWindow
GetCursorPos
ReleaseCapture
SetCapture
FillRect
LoadMenuA
GetIconInfo
MessageBeep
DrawStateA
DrawFocusRect
FrameRect
OffsetRect
InflateRect
CopyRect
GetSysColor
GetWindowRect
TrackPopupMenuEx
WindowFromPoint
GetActiveWindow
ClientToScreen
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
GetWindowLongA
DestroyCursor
DestroyMenu
wsprintfA
wsprintfW
PeekMessageA
TranslateMessage
DispatchMessageA
EndDeferWindowPos
SetWindowsHookExA
UnhookWindowsHookEx
SetDlgItemTextA
DrawMenuBar
EnableMenuItem
SetActiveWindow
IsWindowVisible
GetClientRect
IsIconic
DrawIcon
GetSystemMetrics
KillTimer
SendMessageA
SetTimer
GetSystemMenu
GetMenu
PostMessageA
GetSubMenu
CheckMenuItem
AppendMenuA
EnableWindow
UnregisterClassA
RegisterWindowMessageA
LoadIconA
DestroyIcon
LoadImageA
MessageBoxA
CharNextA
CharUpperA
SetWindowRgn
gdi32
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePen
CreateSolidBrush
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExA
GetClipBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreatePolygonRgn
FillRgn
OffsetRgn
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateRectRgn
SetTextJustification
TextOutA
GetTextMetricsA
GetTextExtentPoint32A
GetPixel
CreateDIBitmap
CreateFontIndirectA
StretchBlt
CreateFontA
CreateDIBSection
GetObjectA
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
GetStockObject
comdlg32
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
shell32
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA
ExtractIconExA
comctl32
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_GetIcon
InitCommonControlsEx
_TrackMouseEvent
ord17
ImageList_Remove
ImageList_GetImageInfo
ImageList_Draw
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Duplicate
ImageList_ReplaceIcon
shlwapi
PathIsRelativeA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecA
oledlg
ord8
ole32
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterClassObject
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
StringFromGUID2
CoCreateInstance
OleRun
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoUninitialize
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
oleaut32
SysFreeString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCopy
VarDateFromUdate
SysAllocStringLen
SafeArrayPutElement
SafeArrayGetElement
VarUdateFromDate
VariantChangeType
VariantCopy
SafeArrayCreate
SafeArrayRedim
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroy
SysStringLen
LoadRegTypeLi
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocStringByteLen
VariantClear
VariantInit
SysStringByteLen
UnRegisterTypeLi
LoadTypeLi
SysAllocString
RegisterTypeLi
GetErrorInfo
VarUI4FromStr
ws2_32
WSAStartup
WSACleanup
wininet
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256KB - Virtual size: 255KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ