2024-03-29_4f5774729cd1b6939284c886ffafe485_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-29_4f5774729cd1b6939284c886ffafe485_icedid
Size

3.0MB
MD5

4f5774729cd1b6939284c886ffafe485
SHA1

19353967adb4ca01c00de2dc756895ad59b6b937
SHA256

097dd50500ccbfdb6b5a9fb346df2166d3764f02de257fdffd5cc98dcc1bf2d8
SHA512

fab8e0e8e5f8aa64023d0d1f006f6d0581f3cc3f18edffbf572ac370cfaf0e4b6a3f07b1f83875390dad29c66caa0d8f8be3de8630eba7d8c5aa8de3095986f3
SSDEEP

49152:X4jc7zVJPn8qGIgG/nGHsBoX4rZ1X0ASmDnfwWl9LVrvGWuSwIbFLOAkGy3zdnEo:cc7DPn85jsBoIv0ASmDnfwWl9L11FLOD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-29_4f5774729cd1b6939284c886ffafe485_icedid

Files

2024-03-29_4f5774729cd1b6939284c886ffafe485_icedid
.exe windows:6 windows x86 arch:x86

51ca9bce869159d4869c5392c1d6e4d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlsFree
TerminateProcess
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
FlsSetValue
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
LCMapStringEx
WriteConsoleW
SetEnvironmentVariableA
FlsGetValue
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
QueryPerformanceCounter
GetStartupInfoW
InitOnceExecuteOnce
GetProcessHeap
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
SetThreadStackGuarantee
HeapQueryInformation
HeapSize
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
CreateThread
HeapReAlloc
GetModuleHandleExW
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
DecodePointer
EncodePointer
GetCommandLineW
GetUserDefaultUILanguage
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
Sleep
VirtualProtect
GetTempPathW
GetTempFileNameW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
FileTimeToSystemTime
GlobalGetAtomNameW
GetFileSize
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GetThreadLocale
DeleteFileW
GlobalFlags
GetCurrentDirectoryW
InterlockedIncrement
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CopyFileW
FormatMessageW
LocalFree
GlobalSize
CompareStringEx
GlobalFindAtomW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GlobalAddAtomW
ResumeThread
SetThreadPriority
WaitForSingleObject
CloseHandle
MulDiv
GetCurrentProcessId
GlobalUnlock
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetVersion
SetLastError
GetLastError
OutputDebugStringA
GetFileAttributesW
lstrcpyW
GlobalFree
FreeResource
GetLocaleInfoEx
GetThreadPreferredUILanguages
WideCharToMultiByte
MultiByteToWideChar
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
RegisterApplicationRestart
RegisterApplicationRecoveryCallback
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
InterlockedExchange
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
GetProcAddress
GetConsoleMode
LoadLibraryA
InitializeCriticalSectionEx

user32

InvalidateRgn
CopyAcceleratorTableW
CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
RemoveMenu
InsertMenuW
GetMenuState
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
SystemParametersInfoW
CopyRect
GetMenuItemInfoW
DestroyMenu
GetKeyboardLayout
InvalidateRect
UpdateWindow
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
GetCursorPos
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetWindowRect
RedrawWindow
SetWindowRgn
DrawStateW
ToUnicodeEx
RegisterClipboardFormatW
ReuseDDElParam
InvertRect
LoadIconW
GetSystemMenu
CreateAcceleratorTableW
GetFocus
IsWindowVisible
DrawFrameControl
DrawEdge
RegisterWindowMessageW
MapDialogRect
GetWindow
GetParent
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
PostMessageW
EnableWindow
DrawIcon
GetClientRect
HideCaret
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
IsClipboardFormatAvailable
GetSystemMetrics
IsIconic
FrameRect
CharUpperBuffW
SubtractRect
GetKeyNameTextW
SetRect
MapVirtualKeyW
GetClassNameW
GetKeyboardState
AppendMenuW
SendMessageW
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
UnregisterClassW
UpdateLayeredWindow
SendDlgItemMessageA
GetUpdateRect
ChangeWindowMessageFilter
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetCursorPos
NotifyWinEvent
LoadMenuW
GetAsyncKeyState
CharUpperW
IsZoomed
TrackMouseEvent
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
EnumDisplayMonitors
SetRectEmpty
SetLayeredWindowAttributes
MessageBeep
GetNextDlgGroupItem
GetMenuStringW
IntersectRect

gdi32

CreateCompatibleDC
CreatePen
CreatePatternBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetDeviceCaps
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
CreateBitmap
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
CopyMetaFileW
CreateDCW
GetRgnBox
GetMapMode
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateCompatibleBitmap
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
BitBlt
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
SetWindowExtEx
CombineRgn
CreateEllipticRgn

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
DragFinish
DragQueryFileW
SHGetFileInfoW
SHAppBarMessage
SHGetKnownFolderPath
SHCreateItemFromParsingName
InitNetworkAddressControl

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW
PathRemoveFileSpecW

uxtheme

EndBufferedPaint
GetWindowTheme
GetThemeSysColor
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
IsThemeBackgroundPartiallyTransparent
BeginBufferedPaint
DrawThemeParentBackground
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
GetThemePartSize

dwmapi

DwmSetWindowAttribute
DwmDefWindowProc
DwmIsCompositionEnabled

ole32

CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
OleTranslateAccelerator
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
IsAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
OleLockRunning
RevokeDragDrop
CoCreateInstance
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries

oleaut32

OleCreateFontIndirect
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantChangeType
VariantCopy
VarBstrFromDate
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePalette

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51ca9bce869159d4869c5392c1d6e4d4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

dwmapi

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 303KB - Virtual size: 302KB

.data Size: 25KB - Virtual size: 55KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 303KB - Virtual size: 302KB

.data
Size: 25KB - Virtual size: 55KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB