2024-03-15_36a651a5552d6f31e69b83b3448cbd89_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-15_36a651a5552d6f31e69b83b3448cbd89_icedid
Size

3.6MB
MD5

36a651a5552d6f31e69b83b3448cbd89
SHA1

bafbd8ebc2a8a1a31c42c63496409bd21843b94e
SHA256

281a6a6eae5cee3c5556359720f2210bb0af966673ead9ccbf3199b06e482526
SHA512

75b601daa52e428637bb1624d2d6ace9aa6c05ab8eb127305a52bf1eaafc6b60ed0ad47c4c8f1416a83b19b84ba10b3c53aebcda95294553d9a3097fe89c5e52
SSDEEP

98304:3axBVO1OFonznNt3UyaD3j76TvL8Y5ngifnUnrjyFU+0lkDE5qIaMHn:lznNyzD3j76rL+rjyg+E5qI9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-15_36a651a5552d6f31e69b83b3448cbd89_icedid

Files

2024-03-15_36a651a5552d6f31e69b83b3448cbd89_icedid
.exe windows:5 windows x86 arch:x86

c38ce98dfed1ef4bba4a6dfd9be2e5a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\Base\Source\Clients\ADMIN\PackageCreator\Extractor\ReleaseStatic\ManualPackageExtractor.pdb

Imports

kernel32

GetCurrentThread
InterlockedExchange
ResumeThread
SetThreadPriority
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
FreeLibrary
LoadLibraryExA
CreateProcessW
GetExitCodeProcess
MoveFileExW
GetLocalTime
SetEnvironmentVariableA
WriteConsoleW
GlobalSize
GlobalAlloc
SetLastError
InitializeCriticalSectionAndSpinCount
SetCurrentDirectoryW
GetVersionExW
ExitProcess
CloseHandle
WaitForSingleObject
GetFileAttributesW
CreateDirectoryW
FindResourceW
SizeofResource
LoadResource
GetLastError
LCMapStringW
OutputDebugStringW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetTimeZoneInformation
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetProcessHeap
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
HeapSize
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleHandleExW
ExitThread
CreateThread
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
RaiseException
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
Sleep
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
lstrcpyW
SetErrorMode
SetFileAttributesW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GlobalFlags
GlobalFindAtomW
FreeResource
GetSystemDirectoryW
DecodePointer
EncodePointer
FileTimeToSystemTime
GlobalGetAtomNameW
InterlockedIncrement
InterlockedDecrement
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LoadLibraryW
LoadLibraryA
lstrcmpiW
GetModuleHandleA
GetVersion
GetCurrentProcess
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameW
LockResource

user32

CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
PostThreadMessageW
GetSystemMenu
IsZoomed
GetComboBoxInfo
TrackMouseEvent
GetKeyNameTextW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageW
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IntersectRect
SendDlgItemMessageA
InflateRect
GetMenuItemInfoW
DestroyMenu
UnregisterClassW
DestroyIcon
IsIconic
FillRect
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoW
CopyImage
RealChildWindowFromPoint
GetDesktopWindow
SubtractRect
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetDoubleClickTime
SetCursorPos
LoadIconW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExW
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
MessageBoxW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
LoadCursorW
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
SetMenuDefaultItem
ClientToScreen
CopyIcon
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
SendMessageW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostMessageW
PostQuitMessage
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
GetWindowLongW
GetWindowThreadProcessId
SetClassLongW
LockWindowUpdate
SetParent
GetScrollInfo
WaitMessage
GetKeyboardState
ToUnicodeEx
GetLastActivePopup
CharUpperW
GetSystemMetrics
UnhookWindowsHookEx
MapVirtualKeyExW
IsCharLowerW
SetScrollInfo
GetKeyboardLayout
SetRect

gdi32

CopyMetaFileW
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetObjectW
DeleteObject
BitBlt
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
CreateDCW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
TraceEvent

shell32

SHAppBarMessage
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHGetFileInfoW

uxtheme

GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
OleGetClipboard
CoLockObjectExternal
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
IsAccelerator

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

rpcrt4

RpcStringFreeW
UuidToStringW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c38ce98dfed1ef4bba4a6dfd9be2e5a6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

uxtheme

ole32

oleacc

gdiplus

imm32

winmm

rpcrt4

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 318KB - Virtual size: 317KB

.data Size: 24KB - Virtual size: 55KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 318KB - Virtual size: 317KB

.data
Size: 24KB - Virtual size: 55KB

.rsrc
Size: 8KB - Virtual size: 7KB