Static task
static1

Behavioral task
behavioral1
Sample: 2024-04-11_987080f592837ce246a6fb39badb4b4d_icedid.exe
Resource: win7-20240221-en

Behavioral task
behavioral2
Sample: 2024-04-11_987080f592837ce246a6fb39badb4b4d_icedid.exe
Resource: win10v2004-20240226-en

General
- Target: 2024-04-11_987080f592837ce246a6fb39badb4b4d_icedid
- Size: 2.4MB
- MD5: 987080f592837ce246a6fb39badb4b4d
- SHA1: 33106b4aaf0c56f806d5352ba7e85d5f0205da12
- SHA256: 128259963ef255ab6c3fc95e9e636549668b82715ded5c0d8919167e01abd3de
- SHA512: 927b93235138b0b26c7e4d556a4a130a209aa088bb3e617e39851795785182269c6f2025701df3eda91ee6a95833c43d4dcefb8cad9f0d901062f512ae9b3676
- SSDEEP: 24576:QpLiEJzefPG565kyOtE/t2GG189XR9vto/LIOYcpV1W2PYrjEaa6pzULTGSV6x44:QF7JqW56QUIDjQEJSMwNcz9wb

Malware Config

Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-04-11_987080f592837ce246a6fb39badb4b4d_icedid

Files
- 2024-04-11_987080f592837ce246a6fb39badb4b4d_icedid.exe windows:5 windows x86 arch:x86
  de90ce69a9405577da8a33d2a951c56e

Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths: C:\SERVICE\VANAPI\VanAPI.pdb
Imports
kernel32
GetModuleHandleW
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
LocalUnlock
LocalLock
GetSystemDirectoryW
FindResourceExA
GetTempFileNameA
GetDiskFreeSpaceA
RtlUnwind
GetTimeFormatA
GetDateFormatA
IsDebuggerPresent
RaiseException
DebugBreak
TerminateProcess
UnhandledExceptionFilter
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
GetStdHandle
OutputDebugStringA
WriteConsoleW
GetFileType
OutputDebugStringW
GetACP
IsValidCodePage
GetTimeZoneInformation
HeapFree
HeapAlloc
GetProcessHeap
FatalAppExitA
SetConsoleCtrlHandler
SetHandleCount
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
HeapSize
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CompareStringW
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
OpenFileMappingA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
GetFileTime
GetFileSizeEx
GetProfileIntA
VirtualProtect
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
LocalAlloc
GetOEMCP
GetCPInfo
GlobalFlags
GetAtomNameA
InterlockedDecrement
GetModuleFileNameW
SetErrorMode
InterlockedExchange
lstrcmpA
GetCurrentThread
GetLocaleInfoA
LoadLibraryExA
ConvertDefaultLocale
EnumResourceLanguagesA
SystemTimeToFileTime
FileTimeToSystemTime
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
PulseEvent
CreateEventA
SetEvent
GlobalFree
lstrlenW
CopyFileA
GlobalSize
GlobalAlloc
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GlobalLock
GlobalUnlock
MulDiv
lstrlenA
CompareStringA
FreeResource
lstrcmpW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
SuspendThread
GetThreadPriority
SetThreadPriority
GetFullPathNameW
GetFullPathNameA
CreateFileW
GetTempPathW
GetTempPathA
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
DeleteFileW
GetFileAttributesW
DeleteFileA
GetFileAttributesA
LockFile
UnlockFile
GetFileSize
FlushFileBuffers
SetEndOfFile
SetFilePointer
ReadFile
AreFileApisANSI
GetVersionExA
GetCurrentThreadId
DeleteCriticalSection
SetUnhandledExceptionFilter
GetModuleFileNameA
CreateMutexA
InitializeCriticalSection
CreateProcessA
MultiByteToWideChar
CreateFileMappingA
MapViewOfFile
LoadLibraryA
FreeLibrary
GetProcAddress
GetLocalTime
TerminateThread
CreateThread
ResumeThread
SetLastError
ReleaseMutex
WaitForSingleObject
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
InterlockedIncrement
GetLastError
FormatMessageA
LocalFree
CreateFileA
WriteFile
CloseHandle
EnterCriticalSection
LeaveCriticalSection
TlsFree
Sleep
user32
RegisterClipboardFormatA
InSendMessage
IsRectEmpty
SetRect
InflateRect
UnionRect
SubtractRect
DispatchMessageW
GetMessageW
IsWindowUnicode
GetClipboardFormatNameA
GetWindowThreadProcessId
MapVirtualKeyA
GetKeyNameTextA
EndDialog
CreateDialogIndirectParamA
MsgWaitForMultipleObjects
GetMessageA
TranslateMessage
CharUpperA
PostQuitMessage
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetMenuCheckMarkDimensions
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
SetMenuItemBitmaps
RemoveMenu
ModifyMenuA
InsertMenuItemA
InsertMenuA
GetSubMenu
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextExA
DrawTextA
UnregisterClassA
DrawFocusRect
DrawFrameControl
DrawEdge
ReuseDDElParam
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
LoadBitmapA
GetSysColorBrush
OpenIcon
CloseWindow
LoadIconA
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowLongA
MapDialogRect
EnableWindow
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetParent
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
GetFocus
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
MapWindowPoints
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
DragDetect
SendMessageTimeoutA
RegisterWindowMessageA
DestroyMenu
DestroyIcon
SetCursor
SendMessageA
GetSysColor
LoadImageA
LoadMenuA
PostMessageA
PtInRect
GetClientRect
ScreenToClient
CopyAcceleratorTableA
CharNextA
MessageBeep
IsClipboardFormatAvailable
WaitMessage
TabbedTextOutA
GetMenuBarInfo
GetCursorPos
ReleaseCapture
IsWindow
MessageBoxA
SetTimer
KillTimer
TranslateAcceleratorA
LoadAcceleratorsA
GetDialogBaseUnits
SetRectEmpty
GetAsyncKeyState
GetKeyState
DrawStateA
UnpackDDElParam
RemovePropA
gdi32
FloodFill
ExtFloodFill
TextOutA
ExtTextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
UnrealizeObject
GetObjectType
CreatePen
CreatePenIndirect
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateBrushIndirect
CreatePatternBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateFontA
CreateBitmap
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetPixel
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
SetDIBitsToDevice
StretchDIBits
GetStockObject
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateDCA
GetPixel
StretchBlt
BitBlt
PatBlt
RoundRect
Rectangle
CreateICA
CreateCompatibleDC
GetDeviceCaps
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
SelectObject
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
PolyPolygon
Polygon
Pie
Ellipse
Chord
Polyline
Arc
GetCurrentPositionEx
RectVisible
PtVisible
PaintRgn
InvertRgn
FrameRgn
FillRgn
SetBitmapDimensionEx
GetObjectA
DeleteMetaFile
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
CreateMetaFileA
CloseMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
LPtoDP
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
CopyMetaFileA
EnumFontFamiliesExA
shell32
ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
Shell_NotifyIconA
ws2_32
WSACleanup
inet_ntoa
sendto
send
htons
htonl
ntohs
getservbyname
ntohl
gethostbyname
inet_addr
gethostname
accept
closesocket
shutdown
getsockname
getpeername
listen
bind
setsockopt
socket
connect
recv
recvfrom
select
__WSAFDIsSet
WSAStartup
oci
OCIStmtExecute
OCIStmtPrepare
OCIStmtFetch
OCIDefineByPos
OCIParamGet
OCIDescriptorFree
OCIAttrGet
OCINumberFromInt
OCINumberFromReal
OCINumberSetZero
OCIDateSysDate
OCIBindByName
OCIErrorGet
OCISessionEnd
OCIServerDetach
OCIHandleFree
OCIEnvCreate
OCIHandleAlloc
OCIServerAttach
OCIAttrSet
OCISessionBegin
OCINumberToInt
OCINumberToReal
comctl32
InitializeFlatSB
shlwapi
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveExtensionA
PathRemoveFileSpecW
PathStripToRootA
oledlg
ord4
ord5
ord6
ord7
ord3
ord8
ord9
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegDeleteValueA
OpenThreadToken
RevertToSelf
SetFileSecurityA
GetFileSecurityA
SetThreadToken
ole32
CreateStreamOnHGlobal
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleLockRunning
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
OleCreate
OleLoad
OleSave
StgIsStorageILockBytes
GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
OleIsRunning
GetClassFile
OleQueryLinkFromData
OleGetClipboard
OleSetMenuDescriptor
DoDragDrop
OleRegEnumVerbs
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
OleTranslateAccelerator
IsAccelerator
GetRunningObjectTable
CoLockObjectExternal
CoReleaseMarshalData
CoMarshalInterface
CoUnmarshalInterface
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoUninitialize
CoInitializeEx
CoCreateInstance
CoDisconnectObject
SetConvertStg
CreateBindCtx
CoTaskMemFree
OleDuplicateData
CLSIDFromString
CLSIDFromProgID
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTreatAsClass
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
OleQueryCreateFromData
WriteFmtUserTypeStg
oleaut32
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VarDateFromStr
SafeArrayGetDim
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
SystemTimeToVariantTime
SafeArrayGetElemsize
Sections
.text   Size: 2.0MB - Virtual size: 2.0MB   Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 343KB - Virtual size: 343KB   Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 23KB - Virtual size: 42KB     Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 79KB - Virtual size: 78KB     Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ