E:\UIDownloader\bin\Release\setup_1_237148.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-04-09_bdc6e3271a445ed6e604fe99cb03ec4b_icedid.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-04-09_bdc6e3271a445ed6e604fe99cb03ec4b_icedid.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
2024-04-09_bdc6e3271a445ed6e604fe99cb03ec4b_icedid
-
Size
20.2MB
-
MD5
bdc6e3271a445ed6e604fe99cb03ec4b
-
SHA1
c630e96008c63b7136c0ab4f43d2f95b71448087
-
SHA256
215e428950a5a6ba82d7cac145a9f26d956fc067b81e98c91ef146ca8b737227
-
SHA512
3b27bf3812b7c1180d70e7a07955eb72b0929565cf23071aefe38f1bc143eef53f1c552214ff3630f5707ffc291fb76051f98b1914f0c7057c5dee974f4243d9
-
SSDEEP
393216:oA1c7w1KPQrfD6CuEn/J1Tvzi4fC5669G4eTsSpcRwugtOdqvvu:ozsKPs7J1TvrC56699eTZ+skd3
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-09_bdc6e3271a445ed6e604fe99cb03ec4b_icedid
Files
-
2024-04-09_bdc6e3271a445ed6e604fe99cb03ec4b_icedid.exe windows:5 windows x86 arch:x86
9b4c5e1a3d6bd21e2dedd36296048ca4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
FreeResource
SizeofResource
LockResource
GetShortPathNameW
FindFirstFileW
SetFileAttributesW
GetLastError
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
lstrlenW
GetLogicalDrives
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
CreateFileW
GetFileSize
CloseHandle
LoadResource
MultiByteToWideChar
GlobalFree
Sleep
lstrcpynW
WideCharToMultiByte
GetACP
SetCurrentDirectoryW
CreateDirectoryW
lstrcpyW
IsBadWritePtr
DeleteFileA
GetModuleHandleA
GetProcAddress
GetModuleFileNameW
GetEnvironmentVariableW
OpenMutexA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
VirtualProtect
HeapFree
SetLastError
VirtualFree
VirtualAlloc
LoadLibraryA
GetNativeSystemInfo
GlobalAlloc
GetVolumeInformationW
SetConsoleMode
ReadConsoleA
SwitchToFiber
DeleteFiber
CreateFiber
ConvertFiberToThread
ConvertThreadToFiber
GetSystemTime
HeapAlloc
GetProcessHeap
FreeLibrary
GetVersionExW
FormatMessageW
ExitProcess
CreateMutexW
OpenMutexW
GetCommandLineW
QueryPerformanceFrequency
ReadFile
WriteFile
QueryPerformanceCounter
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetEndOfFile
GetModuleHandleW
GetStringTypeW
TryEnterCriticalSection
GetCurrentThreadId
EncodePointer
DuplicateHandle
WaitForSingleObjectEx
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetExitCodeThread
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
SetEvent
ResetEvent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
OutputDebugStringA
GetSystemDirectoryW
LoadLibraryExW
LoadLibraryW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
GlobalLock
GlobalUnlock
GlobalSize
LocalFree
MulDiv
CopyFileW
SetErrorMode
GlobalGetAtomNameW
InitializeCriticalSection
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
WaitForSingleObject
SetThreadPriority
ResumeThread
lstrcmpA
GetUserDefaultUILanguage
GlobalFlags
FileTimeToSystemTime
SystemTimeToFileTime
GetCurrentDirectoryW
FindResourceExW
GetWindowsDirectoryW
lstrcmpiW
FlushFileBuffers
GetFullPathNameW
FindResourceW
LockFile
UnlockFile
VerSetConditionMask
VerifyVersionInfoW
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToTzSpecificLocalTime
GetTempPathW
GetProfileIntW
SearchPathW
GetTempFileNameW
GetUserDefaultLCID
OutputDebugStringW
GetLocalTime
InterlockedIncrement
InterlockedDecrement
MoveFileExW
CompareFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetSystemInfo
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetSystemDirectoryA
MoveFileExA
GetEnvironmentVariableA
GetStdHandle
GetFileType
PeekNamedPipe
SleepEx
CreateTimerQueue
SignalObjectAndWait
CreateThread
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
GetModuleHandleExW
GetModuleFileNameA
GetCommandLineA
HeapQueryInformation
VirtualQuery
SetStdHandle
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
ReadConsoleW
SetConsoleCtrlHandler
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
DeleteCriticalSection
DecodePointer
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
IsBadReadPtr
user32
RemoveMenu
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
ClientToScreen
FillRect
GetSystemMetrics
DestroyMenu
GetMenuItemInfoW
InflateRect
CopyImage
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetWindowThreadProcessId
GetMessageW
TranslateMessage
GetCursorPos
GetSysColorBrush
LoadCursorW
RealChildWindowFromPoint
GetAsyncKeyState
MapDialogRect
IntersectRect
TrackMouseEvent
InvalidateRect
DestroyIcon
LoadImageW
ShowOwnedPopups
SetCursor
DeleteMenu
SetTimer
CreatePopupMenu
GetMenuDefaultItem
CharUpperW
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsWindowEnabled
AppendMenuW
GetWindowRgn
DestroyCursor
RegisterClassExW
CharPrevW
CreateCaret
GetCaretBlinkTime
ShowCaret
SetCaretPos
GetCaretPos
wsprintfA
DrawTextA
InvalidateRgn
GetGUIThreadInfo
CharPrevExA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
CharNextW
SystemParametersInfoW
GetWindowRect
SetWindowPos
wsprintfW
GetWindowLongW
SetWindowLongW
MessageBoxW
GetDesktopWindow
GetMonitorInfoW
MonitorFromWindow
IsIconic
ScreenToClient
GetClientRect
SetWindowRgn
PostQuitMessage
GetUserObjectInformationW
GetProcessWindowStation
ShowWindow
KillTimer
SendMessageW
MessageBeep
EnableWindow
PostMessageW
FindWindowW
FlashWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
GetClassLongW
InsertMenuW
WinHelpW
GetScrollInfo
GetMenuState
SetScrollInfo
GetMenuStringW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
CreateDialogIndirectParamW
MoveWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CreateMenu
CheckMenuItem
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
SubtractRect
GetParent
gdi32
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
PtVisible
LineTo
IntersectClipRect
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
CombineRgn
CreateRectRgnIndirect
SetTextAlign
CreateRoundRectRgn
DeleteObject
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetLayout
SetStretchBltMode
SetPolyFillMode
PatBlt
SetROP2
SetLayout
RectVisible
SetMapMode
SetRectRgn
SetBkColor
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateBitmap
GetObjectW
SetTextColor
OffsetViewportOrgEx
DPtoLP
SetBitmapBits
GetBitmapBits
GetTextExtentPointA
GdiFlush
GetObjectA
GetCharABCWidthsW
CreatePenIndirect
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
CloseEnhMetaFile
RemoveFontMemResourceEx
AddFontMemResourceEx
GetTextFaceW
advapi32
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegFlushKey
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
shell32
ShellExecuteW
DragQueryFileW
DragFinish
SHAppBarMessage
SHFileOperationW
SHCreateDirectoryExW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
ole32
OleDuplicateData
CoInitialize
ReleaseStgMedium
CoCreateInstance
CoUninitialize
CoTaskMemFree
OleInitialize
CoDisconnectObject
CoInitializeEx
CLSIDFromString
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoTaskMemAlloc
CLSIDFromProgID
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathIsUNCW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
wnsprintfA
PathAppendW
PathAddBackslashW
PathRemoveFileSpecW
PathStripPathW
PathFileExistsA
PathRemoveBackslashW
wnsprintfW
PathIsDirectoryW
PathFileExistsW
SHGetValueW
SHSetValueW
StrCmpIW
PathStripToRootW
SHCreateStreamOnFileEx
uxtheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
IsAppThemed
winhttp
WinHttpSetTimeouts
WinHttpOpen
WinHttpCrackUrl
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSetOption
WinHttpCloseHandle
WinHttpWriteData
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpSetCredentials
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpReadData
WinHttpQueryHeaders
WinHttpSendRequest
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipRotateMatrix
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDrawLine
GdipSetPenEndCap
GdipSetPenStartCap
GdipCreatePen2
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageRectRect
GdipFillPath
GdipFillRectangleI
GdipDrawPath
GdipDrawRectangleI
GdipResetWorldTransform
GdipSetWorldTransform
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipReleaseDC
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetPenDashStyle
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipBitmapUnlockBits
GdipCreatePath
GdipDeletePath
GdipAddPathLine
ord1
GdipCreateMatrix
GdipDeleteMatrix
GdipTranslateMatrix
imm32
ImmSetCompositionWindow
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
iphlpapi
GetAdaptersInfo
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
ws2_32
select
__WSAFDIsSet
socket
htons
accept
setsockopt
WSACleanup
WSASetLastError
ntohs
WSAGetLastError
closesocket
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
send
getsockopt
WSAStartup
gethostname
bind
connect
getsockname
htonl
listen
recv
getaddrinfo
freeaddrinfo
recvfrom
sendto
getpeername
ioctlsocket
WSAIoctl
gethostbyname
winmm
PlaySoundW
wldap32
ord46
ord217
ord143
ord301
ord200
ord30
ord79
ord35
ord211
ord60
ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord45
crypt32
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertOpenSystemStoreA
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
oleaut32
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocString
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
comctl32
InitCommonControlsEx
ord17
_TrackMouseEvent
Sections
.text Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 995KB - Virtual size: 994KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15.0MB - Virtual size: 15.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 179KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ