d:\home\igor\hobby\graphstudio\bin\graphstudio.pdb
Sample: 2024-03-18_b723ad3cb913846b80eda255a7fa8007_icedid.exe
Resource: win7-20240221-en
General
Target: 2024-03-18_b723ad3cb913846b80eda255a7fa8007_icedid
Size: 1.2MB
MD5: b723ad3cb913846b80eda255a7fa8007
SHA1: dc00b7da32de20f41e8be47a4dfd73d3ee3a945d
SHA256: bec4f315e774d523e2a783a0670148b1e29259e336a10004f0350e3bd84e23f0
SHA512: dcff6df47b393e8ce814a5bc18800166aad9f4451b687e3998a2406f6ee2ba13c7f84482b47be5fb7d5b7b32c2dee7cc884c40bdd2edef1e2eefb766852edfe0
SSDEEP: 24576:ApvBNcx+97xhAandIQ5h3GBBR4OwypuwEnBwg1pKdgl3PbxNS6:uTj3GBBR4Ow9wWwYpKdgl3PbxNS6
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-03-18_b723ad3cb913846b80eda255a7fa8007_icedid
Files
2024-03-18_b723ad3cb913846b80eda255a7fa8007_icedid.exe windows:4 windows x86 arch:x86
d34dae15136a189095fa2edb1f515c28
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\home\igor\hobby\graphstudio\bin\graphstudio.pdb
Imports
winmm
timeKillEvent
timeEndPeriod
timeSetEvent
timeBeginPeriod
msdmo
DMOUnregister
DMOEnum
MoFreeMediaType
kernel32
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetSystemTimeAsFileTime
VirtualProtect
VirtualQuery
RtlUnwind
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
GetStartupInfoW
HeapCreate
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
GetProcessHeap
HeapAlloc
HeapFree
SetErrorMode
GetCurrentDirectoryW
LocalFileTimeToFileTime
CreateFileW
GetShortPathNameW
GetVolumeInformationW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
DeleteFileW
MoveFileW
SystemTimeToFileTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
GetThreadLocale
GlobalGetAtomNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
lstrcmpA
GetCurrentProcessId
GetModuleHandleA
GlobalFree
FormatMessageW
LocalFree
VirtualAlloc
GetSystemInfo
VirtualFree
DuplicateHandle
InterlockedExchange
SetThreadPriority
CreateEventW
WaitForMultipleObjects
CloseHandle
GetCurrentThread
GetVersionExW
ResetEvent
SetEvent
GetThreadPriority
lstrcpyW
QueryPerformanceCounter
QueryPerformanceFrequency
SearchPathW
lstrcatW
lstrlenA
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryW
Sleep
SetLastError
GetModuleFileNameW
GetCurrentProcess
GlobalAlloc
EnterCriticalSection
GlobalLock
InterlockedDecrement
GetLastError
InterlockedIncrement
DeleteCriticalSection
RaiseException
LeaveCriticalSection
FlushInstructionCache
lstrlenW
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
lstrcmpW
WideCharToMultiByte
GetTickCount
MultiByteToWideChar
FindResourceW
MulDiv
LoadResource
LockResource
SizeofResource
InterlockedCompareExchange
IsProcessorFeaturePresent
HeapDestroy
user32
CreateMenu
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
LoadAcceleratorsW
InsertMenuItemW
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
DestroyMenu
InflateRect
ShowWindow
IsDialogMessageW
SetDlgItemTextW
UnregisterClassA
SetWindowRgn
DrawIcon
FindWindowW
SystemParametersInfoW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
SystemParametersInfoA
IsIconic
SetParent
SetWindowsHookExW
CallNextHookEx
GetMessageW
GetActiveWindow
IsWindowVisible
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
PeekMessageW
GetQueueStatus
MsgWaitForMultipleObjects
PostThreadMessageW
OffsetRect
TrackMouseEvent
MapWindowPoints
DrawFocusRect
TranslateMessage
DispatchMessageW
PostMessageW
CopyRect
SetCursor
ValidateRect
CreateDialogParamW
SetForegroundWindow
DeleteMenu
SetMenuItemInfoW
LoadMenuW
EnableMenuItem
SetRect
GetSystemMetrics
SetTimer
GetMenuItemInfoW
GetSubMenu
RemoveMenu
KillTimer
GetWindowRect
GetMenu
EndPaint
ScreenToClient
InvalidateRgn
GetWindowTextLengthW
IsWindow
CallWindowProcW
GetDlgItem
UpdateWindow
DefWindowProcW
DestroyWindow
IsChild
LoadCursorW
ClientToScreen
CreateWindowExW
GetClassNameW
FillRect
MoveWindow
RedrawWindow
GetFocus
CreateAcceleratorTableW
DestroyAcceleratorTable
GetWindowLongW
CharNextW
GetDesktopWindow
SendMessageW
BeginPaint
GetSysColor
SetFocus
GetNextDlgGroupItem
CopyAcceleratorTableW
DestroyIcon
CharUpperW
UnregisterClassW
GetSysColorBrush
SetWindowLongW
SetWindowTextW
UnionRect
IsZoomed
WindowFromPoint
DestroyCursor
RegisterClipboardFormatW
UnpackDDElParam
GetWindowPlacement
ReuseDDElParam
GetWindow
RegisterClassExW
SetWindowPos
GetParent
GetClassInfoExW
RegisterWindowMessageW
GetWindowTextW
EnableWindow
InsertMenuW
SetClipboardData
ReleaseDC
CloseClipboard
IntersectRect
IsRectEmpty
ModifyMenuW
EmptyClipboard
ReleaseCapture
CreatePopupMenu
OpenClipboard
GetCursorPos
GetDC
GetMenuItemCount
SetCapture
InvalidateRect
GetClientRect
MessageBoxW
PtInRect
MessageBeep
LoadBitmapW
GetKeyState
gdi32
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
CreatePen
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
CreateFontIndirectW
GetViewportOrgEx
SetViewportExtEx
EndPage
SetViewportOrgEx
AbortDoc
EndDoc
GetBkColor
GetCharWidthW
StretchDIBits
GetTextMetricsW
CreateRectRgnIndirect
GetTextColor
SetRectRgn
CombineRgn
GetMapMode
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
StartPage
OffsetViewportOrgEx
SetTextAlign
MoveToEx
LineTo
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetWindowExtEx
GetViewportExtEx
GetTextExtentPoint32W
GetDeviceCaps
DeleteDC
GetPixel
Rectangle
Polygon
CreateFontW
CreateRectRgn
SetAbortProc
SetPixel
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CreateDIBSection
SelectObject
GetObjectW
CreateSolidBrush
GetStockObject
DeleteObject
CreateBitmap
BitBlt
CreateCompatibleBitmap
PatBlt
CreateCompatibleDC
SelectClipRgn
msimg32
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
advapi32
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegQueryValueW
GetFileSecurityW
SetFileSecurityW
RegOpenKeyW
RegSetValueW
RegCloseKey
RegEnumValueW
RegQueryValueExW
RegEnumKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
shell32
DragAcceptFiles
ShellExecuteW
SHGetSpecialFolderPathW
DragFinish
SHGetFileInfoW
ExtractIconW
DragQueryFileW
comctl32
InitCommonControlsEx
shlwapi
PathAddExtensionW
PathStripPathW
PathFileExistsW
SHCreateStreamOnFileW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoInitialize
GetRunningObjectTable
OleInitialize
OleUninitialize
OleLockRunning
StringFromGUID2
CoGetClassObject
CoTaskMemAlloc
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
StgOpenStorage
StgCreateDocfile
StgIsStorageFile
MkParseDisplayName
CoTaskMemFree
CreateBindCtx
CoCreateInstance
CoGetMalloc
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleFlushClipboard
OleIsCurrentClipboard
CoUninitialize
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
oleaut32
VariantInit
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
OleCreateFontIndirect
SysStringByteLen
SysAllocStringLen
SysStringLen
SysAllocString
LoadTypeLi
VariantClear
LoadRegTypeLi
SysFreeString
xmllite
CreateXmlReader
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ws2_32
gethostbyname
gethostname
inet_ntoa
Sections
.text Size: 720KB - Virtual size: 716KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rdata Size: 232KB - Virtual size: 229KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 39KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 236KB - Virtual size: 236KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE