2024-04-08_15cb81dbe2552ad0af53907040cc4eeb_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-08_15cb81dbe2552ad0af53907040cc4eeb_icedid
Size

4.4MB
MD5

15cb81dbe2552ad0af53907040cc4eeb
SHA1

cdb0b207b6b5d3b8992b5f2598faa540b20f2914
SHA256

19c500ac9f45e508608fbfb8e1929022c3621edba18b25c618c9fb1bad934a11
SHA512

7c75ce47b9eb92e076fa676ea3618c2f46fdae41e46a39e76230dfdb11bc0a17ed1617a88c67904d537763f6d43d39d50b9925deeff718a2da87d16a2336e577
SSDEEP

98304:kxNGdA+5CBF1utx4ymuDUcLH7QCgCcF6d0c9vp9BhS2foB49MLrR1sMVBVX34Kka:RNHBBhvI1rX3MIZ5pj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-08_15cb81dbe2552ad0af53907040cc4eeb_icedid

Files

2024-04-08_15cb81dbe2552ad0af53907040cc4eeb_icedid
.exe windows:6 windows x86 arch:x86

70d5656f57e1dbdffae37c466b0046ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getservbyname
getservbyport
send
gethostbyname
gethostbyaddr
select
socket
inet_ntoa
inet_addr
htons
htonl
getsockopt
recv
ioctlsocket
WSASocketW
WSASend
WSARecv
ntohs
closesocket
connect
WSAGetLastError
shutdown
setsockopt
WSAStartup
WSASetLastError
WSACleanup
gethostname

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpenRequest
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpCloseHandle
WinHttpOpen
WinHttpConnect

kernel32

SetEnvironmentVariableW
GetCurrentProcess
GetProcessId
IsDebuggerPresent
DebugBreak
OutputDebugStringW
SetLastError
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
CreateSemaphoreExW
GetModuleFileNameA
GetModuleHandleExW
SetFilePointer
VirtualFree
GetEnvironmentVariableW
MoveFileA
GetWindowsDirectoryW
GetStartupInfoW
CreateFileA
GetEnvironmentVariableA
SetEnvironmentVariableA
GetFileTime
CreateProcessA
CreateDirectoryA
FindNextFileA
GetFileSizeEx
RemoveDirectoryA
SetEndOfFile
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
CreateMutexA
GetProcessTimes
SwitchToThread
GetSystemTimeAsFileTime
MapViewOfFileEx
UnmapViewOfFile
GetModuleHandleA
CreateFileMappingA
CreateDirectoryW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
GetDriveTypeW
GetLogicalDrives
GetTempPathW
SetEvent
ResetEvent
WaitForMultipleObjects
GetComputerNameW
GetCurrentDirectoryA
K32EnumDeviceDrivers
K32GetDeviceDriverBaseNameW
DeviceIoControl
DefineDosDeviceA
CreateIoCompletionPort
GetQueuedCompletionStatus
InitializeCriticalSectionAndSpinCount
SleepEx
CreateEventW
SetWaitableTimer
QueueUserAPC
TerminateThread
TlsGetValue
TlsSetValue
GetSystemDirectoryA
GetModuleFileNameW
OutputDebugStringA
EncodePointer
GetVolumeInformationW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
MulDiv
SetThreadPriority
lstrcmpA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
DeleteFileW
GetFullPathNameW
SetErrorMode
SetFileAttributesW
GetUserDefaultLCID
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
GetFileAttributesW
GetDiskFreeSpaceW
OpenMutexW
InitializeCriticalSection
GlobalFree
LocalUnlock
LocalLock
LocalAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
FindFirstFileA
ExitThread
FlushFileBuffers
GetCommandLineW
GlobalLock
GlobalUnlock
GlobalAlloc
LoadLibraryExW
GetVersionExW
MoveFileExW
CreateFileW
SetConsoleTitleW
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
AllocConsole
GetStdHandle
Beep
VirtualAlloc
GetSystemInfo
TlsFree
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
PostQueuedCompletionStatus
DeleteCriticalSection
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
GetLastError
DecodePointer
RaiseException
GetLocaleInfoEx
FindFirstFileExW
GetFileInformationByHandle
SetFileInformationByHandle
AreFileApisANSI
GetFileInformationByHandleEx
GetStringTypeW
LCMapStringEx
ResumeThread
SuspendThread
GetCurrentThread
CreateThread
QueryDosDeviceA
GetProfileStringA
FindNextFileW
FindFirstFileW
FindClose
CopyFileW
GetModuleHandleW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CreateProcessW
GetExitCodeProcess
CreatePipe
WriteFile
ReadFile
GetACP
CopyFileA
GetLocalTime
CreateSemaphoreA
WaitForMultipleObjectsEx
ReleaseSemaphore
WideCharToMultiByte
FormatMessageW
FormatMessageA
LocalFree
CreateEventA
GetProcessHeap
HeapFree
HeapAlloc
CloseHandle
GetCurrentDirectoryW
SetCurrentDirectoryW
MultiByteToWideChar
GetCurrentThreadId
MoveFileExA
GlobalMemoryStatusEx
GetFileAttributesExW
LoadLibraryA
GetTickCount
GetSystemTime
VerifyVersionInfoW
GetProcAddress
VerSetConditionMask
Sleep
ExitProcess
FindResourceW
SizeofResource
LockResource
LoadResource
GetCurrentProcessId
LoadLibraryW
FreeLibrary
CompareStringEx
GetCPInfo
OpenEventA
CreateWaitableTimerA
RtlUnwind
InterlockedPushEntrySList
GetFileType
PeekNamedPipe
SetStdHandle
WriteConsoleW
GetTimeZoneInformation
FreeLibraryAndExitThread
GetCommandLineA
HeapQueryInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
SetFilePointerEx
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
RemoveDirectoryW
GetSystemDirectoryW

user32

DrawTextExW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
IsWindowEnabled
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ValidateRect
EndPaint
BeginPaint
SetActiveWindow
UpdateWindow
GrayStringW
GetCapture
SetFocus
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
GetMenuCheckMarkDimensions
SetRectEmpty
SendDlgItemMessageA
wsprintfA
GetSubMenu
GetMenu
DispatchMessageW
TranslateMessage
SendNotifyMessageW
DrawEdge
GetWindowWord
GetActiveWindow
RegisterClassExW
DefWindowProcW
FindWindowA
GetForegroundWindow
GetMenuStringA
UnionRect
TabbedTextOutW
GetWindowDC
SetRect
GetMessageW
IsZoomed
DrawFocusRect
NotifyWinEvent
PostQuitMessage
RealChildWindowFromPoint
GetSysColorBrush
WindowFromPoint
GetWindowThreadProcessId
GetWindowTextA
AppendMenuA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
PeekMessageW
LoadImageW
CharUpperW
MessageBoxA
UnregisterClassW
IsWindowVisible
SystemParametersInfoW
SetWindowTextA
SetMenuItemInfoW
SetMenuItemBitmaps
DeleteMenu
AppendMenuW
GetMenuItemCount
GetMenuItemID
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
CreateMenu
DrawMenuBar
SetMenu
ShowWindow
IsWindow
ClientToScreen
SetWindowPos
LoadCursorW
PtInRect
IsRectEmpty
OffsetRect
IntersectRect
CopyRect
SetCursor
SetCursorPos
MessageBoxW
SetScrollRange
GetScrollPos
SetScrollPos
GetMenuItemInfoW
TrackPopupMenu
ReleaseCapture
SetCapture
GetFocus
GetSysColor
SetForegroundWindow
GetDlgItem
FillRect
InflateRect
FrameRect
DrawTextW
GetMenuItemRect
RedrawWindow
LoadIconW
ScreenToClient
GetCursorPos
KillTimer
GetDesktopWindow
GetSystemMetrics
EnumWindows
GetWindowTextW
ReleaseDC
GetDC
InvalidateRect
GetKeyState
GetWindowRect
GetClientRect
SetWindowTextW
GetParent
SetWindowLongW
GetWindowLongW
EnableWindow
SetTimer
GetDlgCtrlID
CallWindowProcW
SendMessageW
PostMessageW
DrawFrameControl

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleWindowExtEx
GetCharWidthW
StretchDIBits
CreateFontIndirectW
CreatePen
DeleteDC
Ellipse
GetLayout
SetLayout
SetMapMode
RectVisible
PtVisible
IntersectClipRect
GetClipBox
LineTo
SetBkColor
ScaleViewportExtEx
SetTextColor
CreateBitmap
EndDoc
StartDocA
Escape
CreateDCA
SetROP2
TextOutW
SetPixelV
LineDDA
GetPixel
CreateFontW
Rectangle
SetPixel
StretchBlt
SetDIBits
SelectPalette
RealizePalette
GetDIBits
CreatePalette
CreateDIBitmap
GetStockObject
ExtTextOutW
GetTextMetricsW
GetTextColor
GetBkColor
RestoreDC
MoveToEx
GetObjectW
GetTextExtentPoint32W
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
DeleteObject
SaveDC
SelectObject
BitBlt
ExcludeClipRect

msimg32

TransparentBlt

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteKeyW
SetSecurityDescriptorDacl
RegEnumValueW
RegOpenKeyExA
RegQueryInfoKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
InitializeSecurityDescriptor
RegGetValueW
OpenSCManagerW
EnumServicesStatusW
RegQueryValueExA

shell32

ShellExecuteW
DragQueryFileW
DragQueryPoint
DragFinish
DragQueryFileA
ShellExecuteExW
ShellExecuteExA
GetCurrentProcessExplicitAppUserModelID
SHChangeNotify
SHGetDesktopFolder
SHGetFolderPathW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
SHGetSpecialFolderPathA
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteA

comctl32

ImageList_AddMasked
ImageList_GetImageCount
ImageList_Replace
ImageList_Remove
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW

uxtheme

DrawThemeParentBackground
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
IsAppThemed
IsThemeBackgroundPartiallyTransparent

ole32

CoInitialize
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

SysFreeString
VariantClear
SysAllocStringLen
SysAllocString
VariantChangeType
VariantInit

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

gdiplus

GdipFree
GdiplusStartup
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipDeleteGraphics
GdipFillRectangleI
GdipDrawImageRectI
GdipAlloc

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

exportedHeapusageDiagnostic
printerStatusCleanup

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 615KB - Virtual size: 615KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70d5656f57e1dbdffae37c466b0046ca

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

setupapi

winhttp

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

mpr

gdiplus

oleacc

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 615KB - Virtual size: 615KB

.data Size: 56KB - Virtual size: 3.3MB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 615KB - Virtual size: 615KB

.data
Size: 56KB - Virtual size: 3.3MB

.rsrc
Size: 44KB - Virtual size: 44KB