Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-16_35bd8729f33c48f68371a53609d60708_icedid.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-03-16_35bd8729f33c48f68371a53609d60708_icedid.exe
Resource: win10v2004-20240226-en
General
- Target: 2024-03-16_35bd8729f33c48f68371a53609d60708_icedid
- Size: 3.7MB
- MD5: 35bd8729f33c48f68371a53609d60708
- SHA1: 1ad939dd1177fb3b6c9d072ece26416e03025313
- SHA256: 5dc51b094f67288c8648674d14a86c2e9db229a5252f5d772884a0eb021c6637
- SHA512: 7fc0d5de284edf8bed3d58be65f3a5a06297ea8f27d8a2c7fa9e421c0d8ce6e7bfbee7984f68196da23b00ed46c7f5cf71b6d55bf85b27f0bc63b85619700d5b
- SSDEEP: 98304:6ITpXbPOnL78DEdffv/v/X16nSE/dgBGbdYaIIqmwlTLobTE9BgD:6QpP6veYffv/v/wR/CBGbdYaIIqmwlTs
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-03-16_35bd8729f33c48f68371a53609d60708_icedid
Files
-
2024-03-16_35bd8729f33c48f68371a53609d60708_icedid.exe windows:5 windows x86 arch:x86
40f88eb5759cbe5a1242fb5d82b8f630
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapReAlloc
CreateThread
ExitThread
ExitProcess
RaiseException
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoW
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
FindResourceExW
GetProfileIntW
GetProcessHeap
GetTimeFormatW
SearchPathW
GetDateFormatW
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetDiskFreeSpaceW
GetTempFileNameW
GetFileTime
SetFileTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
FileTimeToLocalFileTime
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
MoveFileW
lstrlenA
lstrcmpA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
GlobalGetAtomNameW
GetModuleHandleA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
SuspendThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
ResetEvent
CreateFileMappingW
lstrcpynW
GetLocalTime
VirtualProtect
GetTickCount
WaitForSingleObject
CreateProcessW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateDirectoryW
CreateEventW
CloseHandle
WinExec
InterlockedDecrement
lstrcpyW
SetEvent
FreeLibrary
WritePrivateProfileStringW
GetModuleFileNameW
SizeofResource
GetTempPathW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetLastError
SetLastError
GetModuleHandleW
GetCurrentProcessId
FindFirstFileW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
DeleteFileW
FindNextFileW
FindClose
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
Sleep
IsDBCSLeadByte
LoadLibraryW
GetProcAddress
FindResourceW
LoadResource
LockResource
user32
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
PeekMessageW
UnhookWindowsHookEx
GetWindowTextLengthW
SetWindowPos
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
GetMenuState
GetMenuStringW
GetMenuItemID
GetMenuItemCount
RemoveMenu
GetScrollRange
IsChild
CallWindowProcW
SetPropW
GetDesktopWindow
GetPropW
IsIconic
GetLastActivePopup
RegisterClipboardFormatW
DrawIcon
SetWindowRgn
OffsetRect
GetSubMenu
LoadIconW
PostThreadMessageW
UpdateWindow
SetTimer
MapWindowPoints
WindowFromPoint
KillTimer
DrawIconEx
DestroyIcon
ReleaseCapture
SetCapture
ScreenToClient
CheckMenuItem
AppendMenuW
PtInRect
IsRectEmpty
SetScrollRange
SetMenu
ScrollWindow
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
SetActiveWindow
RemovePropW
EqualRect
CopyRect
FillRect
DefWindowProcW
SetWindowPlacement
SetScrollInfo
GetScrollInfo
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
ShowScrollBar
GetScrollPos
GetForegroundWindow
SetScrollPos
LoadMenuW
SendMessageW
PostMessageW
GetWindowRect
GetClientRect
InvalidateRect
GetFocus
GetClassLongW
GetCapture
AdjustWindowRectEx
WinHelpW
GetParent
SetRectEmpty
EnableWindow
GetWindowLongW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsWindowEnabled
SetFocus
GetWindow
IsWindow
GetKeyState
InflateRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetSystemMetrics
ChildWindowFromPointEx
ReleaseDC
GetDC
GetClassNameW
MapVirtualKeyW
UnhookWinEvent
MessageBoxW
SetWinEventHook
LoadBitmapW
GetSysColor
CreatePopupMenu
SendDlgItemMessageA
RegisterWindowMessageW
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ClientToScreen
BeginPaint
EndPaint
GetKeyNameTextW
GetWindowThreadProcessId
TranslateAcceleratorW
BringWindowToTop
InsertMenuItemW
LoadAcceleratorsW
SetCursor
ReuseDDElParam
UnpackDDElParam
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
SetRect
CopyAcceleratorTableW
InvalidateRgn
CharNextW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CharUpperW
PostQuitMessage
ShowOwnedPopups
MapDialogRect
LockWindowUpdate
GetNextDlgGroupItem
MessageBeep
IsClipboardFormatAvailable
UnionRect
SetParent
InsertMenuW
SetMenuDefaultItem
ValidateRect
IsWindowVisible
RedrawWindow
OpenClipboard
SetForegroundWindow
ShowWindow
CloseClipboard
SetClipboardData
SetWindowContextHelpId
EmptyClipboard
PrintWindow
CreateMenu
GetClipboardData
GetDoubleClickTime
DestroyCursor
MapVirtualKeyExW
IsCharLowerW
GetWindowRgn
CharUpperBuffW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CreateAcceleratorTableW
SubtractRect
WaitMessage
GetMenuDefaultItem
IsMenu
GetSystemMenu
DeleteMenu
UnregisterClassW
GetSysColorBrush
LoadCursorW
DestroyAcceleratorTable
IsZoomed
DrawEdge
DrawFrameControl
SetCursorPos
CopyIcon
EnableScrollBar
FrameRect
DrawFocusRect
GetIconInfo
SetClassLongW
DrawStateW
CopyImage
LoadImageW
GetUpdateRect
GetWindowDC
GetAsyncKeyState
TrackPopupMenu
GetCursorPos
GetWindowTextW
EnumChildWindows
gdi32
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetPolyFillMode
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
SaveDC
GetRgnBox
GetBkColor
GetTextColor
CreateEllipticRgn
LPtoDP
GetTextMetricsW
SetBkMode
GetClipBox
GetDCOrgEx
CreateFontIndirectW
CopyMetaFileW
CreateBitmap
SetBkColor
SetTextColor
DeleteObject
GetTextExtentPoint32W
GetTextFaceW
CreateRectRgn
CreateDIBSection
SelectObject
CreateDCW
GetDeviceCaps
DeleteDC
GetStockObject
SetDCBrushColor
Ellipse
GetDIBits
RealizePalette
SetPixel
EnumFontFamiliesW
GetTextCharsetInfo
CreateDIBitmap
Polyline
CreatePolygonRgn
Polygon
CreateRoundRectRgn
OffsetRgn
Rectangle
RoundRect
SetDIBColorTable
FrameRgn
FillRgn
GetPaletteEntries
CreatePalette
PtInRegion
GetBoundsRect
SetPaletteEntries
ExtFloodFill
GetNearestPaletteIndex
GetSystemPaletteEntries
SetPixelV
GetViewportOrgEx
GetWindowOrgEx
EnumFontFamiliesExW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StretchBlt
GetMapMode
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
DPtoLP
RestoreDC
BitBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
GetFileSecurityW
RegQueryValueExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueW
RegDeleteValueW
RegCloseKey
SetFileSecurityW
RegQueryValueW
RegEnumKeyW
shell32
SHAppBarMessage
SHBrowseForFolderW
ExtractIconW
DragQueryFileW
DragFinish
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetSpecialFolderPathW
ShellExecuteW
comctl32
ImageList_GetIconSize
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIcon
ImageList_DrawEx
ImageList_GetImageCount
shlwapi
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrStrIW
PathFileExistsW
SHDeleteKeyW
UrlUnescapeW
oledlg
OleUIBusyW
ole32
OleIsCurrentClipboard
OleFlushClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CreateStreamOnHGlobal
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoCreateInstance
CoTaskMemFree
CLSIDFromString
CoUninitialize
CoRegisterMessageFilter
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
oleaut32
VarUdateFromDate
OleCreateFontIndirect
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VariantInit
SysAllocStringLen
VariantCopy
LoadTypeLi
SysAllocString
SysFreeString
VariantClear
urlmon
UrlMkSetSessionOption
URLDownloadToFileW
gdiplus
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdiplusStartup
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCloneImage
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdiplusShutdown
wininet
InternetCloseHandle
InternetGetLastResponseInfoW
InternetOpenW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestW
InternetOpenUrlW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
HttpQueryInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
FindFirstUrlCacheEntryW
winmm
PlaySoundW
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 406KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 827KB - Virtual size: 826KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ