2024-03-13_0fe9e811b536da85a1fce088f5e6f3ed_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-13_0fe9e811b536da85a1fce088f5e6f3ed_icedid
Size

2.0MB
MD5

0fe9e811b536da85a1fce088f5e6f3ed
SHA1

35f32f99adc03a42b7796856b4c4e0f674301168
SHA256

17ea7bd8a0cfed9fa47c20be8299cb5a1ac287d81829afb45acedde87a2d6ff4
SHA512

5d0ca8773d4844421866ff192ff116fec439ae88ee12a826ae5788b33f51a97e1246785d3cbf9a763c036e3a622158d20e703a19fbb90c3a2462f2ee994bb4da
SSDEEP

49152:ZjEMS51kdYrJkFcFm3dKHljakVL3updKMKSIAtQx9FV:ZbS51kdYrJcccdKHljakJ4dPKSIAtQxV

Score

1^/10

Malware Config

Signatures

Files

2024-03-13_0fe9e811b536da85a1fce088f5e6f3ed_icedid
.exe windows:5 windows x86 arch:x86

87d45f50debc0474501a3b36b6950f5b

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

13:08:aa:70:8c:eb:02:e4:ab:62:8a:91:7f:7d:40:3f
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

24-04-2015 00:00

Not After

05-05-2017 23:59

Subject

CN=PKR LTD,OU=DEVELOPMENT,O=PKR LTD,L=St Anne,ST=Alderney,C=GG

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

95:cf:18:b3:82:72:37:43:f9:36:ea:b2:75:95:2f:23:14:d4:62:3e
Signer

Actual PE Digest

95:cf:18:b3:82:72:37:43:f9:36:ea:b2:75:95:2f:23:14:d4:62:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
TerminateProcess
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
IsProcessorFeaturePresent
IsDebuggerPresent
LockResource
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
RtlUnwind
GetCommandLineW
GetOEMCP
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
lstrcmpiW
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
GetCurrentDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
CompareStringW
GlobalFlags
GlobalGetAtomNameW
GetACP
IsValidCodePage
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetVersionExW
GetCurrentThread
ResumeThread
SetThreadPriority
GetCurrentProcessId
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
FormatMessageW
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
FileTimeToDosDateTime
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
DuplicateHandle
SetFilePointer
GetFileType
GetFileInformationByHandle
GetCurrentProcess
WinExec
DeleteFileW
WriteFile
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
LoadLibraryA
lstrlenW
GetProcAddress
GetTickCount
Sleep
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
lstrcpynW
GetNumberFormatW
GetLocaleInfoW
lstrcpyW
MulDiv
GetWindowsDirectoryW
GetPrivateProfileStringW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
CreateFileW
CloseHandle
ReadFile
GetFileSize
CopyFileW
FindResourceW
SizeofResource
LoadResource
OutputDebugStringW

user32

SetRect
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
SetParent
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetSystemMenu
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
LoadImageW
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
GetNextDlgGroupItem
WaitMessage
CharUpperW
DestroyIcon
IsIconic
DeleteMenu
CopyImage
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
RealChildWindowFromPoint
GetSysColorBrush
IntersectRect
ShowOwnedPopups
TranslateMessage
GetMessageW
GetWindowThreadProcessId
LoadMenuW
GetActiveWindow
EndDialog
CreateDialogIndirectParamW
WindowFromPoint
GetCursorPos
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
GetWindowLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
DispatchMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
CopyRect
MapVirtualKeyW
GetKeyNameTextW
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
UnhookWindowsHookEx
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetFocus
DrawEdge
GetWindowRgn
MapDialogRect
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
SetWindowLongW
MessageBeep
ReleaseDC
GetDC
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
SetMenuDefaultItem
GetDoubleClickTime
SetClassLongW
KillTimer
InflateRect
InvalidateRect
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
FillRect
GetSysColor
GetClientRect
RedrawWindow
DrawIcon
GetSystemMetrics
UnregisterClassW
MessageBoxW
SetActiveWindow
ReleaseCapture
SetCapture
SetFocus
GetAsyncKeyState
GetParent
GetDesktopWindow
UpdateWindow
MoveWindow
ShowWindow
IsWindow
PostQuitMessage
PostThreadMessageW
PeekMessageW
RegisterWindowMessageW
wsprintfW
CopyIcon
LoadIconW
DestroyCursor
LoadCursorW
PtInRect
ScreenToClient
SetCursor
SetTimer
GetMessagePos
GetWindowRect
LockWindowUpdate
EnableWindow
SendMessageW
GetNextDlgTabItem

gdi32

MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
SetRectRgn
DPtoLP
GetTextMetricsW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
SetMapMode
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
SetBkMode
SetBkColor
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
Rectangle
CreateFontIndirectW
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
DeleteObject
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
CopyMetaFileW
CreateRectRgn
CreateSolidBrush
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetTextExtentPoint32W
GetCurrentObject
GetBkColor
Escape
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetStockObject
GetDeviceCaps
DeleteDC
CreateDCW
GetObjectW
SetLayout

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegQueryValueW
RegQueryInfoKeyW
RegOpenKeyExW

shell32

ShellExecuteExW
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderW
ExtractIconW
DragFinish
DragQueryFileW
SHGetDesktopFolder

comctl32

ImageList_GetBkColor
ImageList_SetBkColor
ImageList_GetImageInfo

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW
PathRemoveFileSpecW

uxtheme

GetWindowTheme
GetThemeSysColor
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
IsAppThemed
GetThemeColor
DrawThemeBackground
CloseThemeData

ole32

OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoTaskMemAlloc
OleCreateMenuDescriptor

oleaut32

VariantInit
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocString
VariantChangeType
SysAllocStringLen
SysFreeString
VariantClear

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87d45f50debc0474501a3b36b6950f5b

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cbCertificate

Extended Key Usages

Key Usages

13:08:aa:70:8c:eb:02:e4:ab:62:8a:91:7f:7d:40:3fCertificate

Extended Key Usages

Key Usages

95:cf:18:b3:82:72:37:43:f9:36:ea:b2:75:95:2f:23:14:d4:62:3eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

version

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 323KB - Virtual size: 322KB

.data Size: 24KB - Virtual size: 55KB

.rsrc Size: 384KB - Virtual size: 384KB

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

13:08:aa:70:8c:eb:02:e4:ab:62:8a:91:7f:7d:40:3f
Certificate

95:cf:18:b3:82:72:37:43:f9:36:ea:b2:75:95:2f:23:14:d4:62:3e
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 323KB - Virtual size: 322KB

.data
Size: 24KB - Virtual size: 55KB

.rsrc
Size: 384KB - Virtual size: 384KB