2024-04-15_b4bb6320b817cab434627a692aa6dfac_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-15_b4bb6320b817cab434627a692aa6dfac_icedid
Size

4.2MB
MD5

b4bb6320b817cab434627a692aa6dfac
SHA1

4ecdac2d6e80d2cc37ea6235c23f27fbb330f1c0
SHA256

6c341b58595d44ce0089c3229303b07adbb06dd22894ab52e99a470595e70b48
SHA512

c7802672dc7701b9453948612c4ded2e1e3bba84712d1a39dd409ad7cd20ce72b3be3f07b301f0028c3a5513a4f8cc03ac4d275b561bd1148943ddd29814ca19
SSDEEP

98304:DxFjxoqH8fQDQf50x9mbL7IVtf+jGdeTN5DSq:DxFNoaqQcf97Ijf+i6oq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-15_b4bb6320b817cab434627a692aa6dfac_icedid

Files

2024-04-15_b4bb6320b817cab434627a692aa6dfac_icedid
.exe windows:4 windows x86 arch:x86

1d49cd30071ffbb7ed4f870a9a26e643

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\projects\PackageInstaller\Release\PackageInstaller.pdb

Imports

kernel32

WritePrivateProfileStringW
lstrcmpiW
GlobalFlags
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
GetTickCount
GetStartupInfoW
RtlUnwind
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
InterlockedIncrement
FileTimeToSystemTime
GlobalFindAtomW
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
GlobalAddAtomW
GetCurrentThread
lstrcmpW
GlobalDeleteAtom
ConvertDefaultLocale
GetVersion
GetLocaleInfoW
lstrlenA
InterlockedDecrement
SetLastError
lstrcpyW
lstrcpynW
WideCharToMultiByte
LoadLibraryW
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FormatMessageW
LocalAlloc
LocalFree
lstrlenW
WriteFile
FreeResource
CreateFileW
GetFileSize
LoadLibraryExW
FreeLibrary
SetFilePointer
ReadFile
CreateMutexW
GetCurrentProcessId
GetCurrentProcess
GetProcessTimes
ReleaseMutex
WaitForSingleObject
UnmapViewOfFile
CreateFileMappingW
MapViewOfFileEx
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetModuleFileNameW
FindResourceExW
CreateDirectoryW
OutputDebugStringW
GetSystemTimeAsFileTime
Sleep
GetDiskFreeSpaceExW
GetLastError
MultiByteToWideChar
OpenProcess
CloseHandle
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
GetModuleHandleW
GetProcAddress
GetUserDefaultLangID
EnumResourceLanguagesW
VerLanguageNameW
LoadResource
LockResource
SizeofResource
FindResourceW
GetProcessHeap

user32

BeginPaint
EndPaint
DestroyMenu
GetSysColorBrush
CharUpperW
CharNextW
SetRect
CopyAcceleratorTableW
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
SetActiveWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoW
RegisterClassW
ClientToScreen
CallWindowProcW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
PtInRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDlgItem
SetMenuItemBitmaps
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
SetWindowsHookExW
CallNextHookEx
GetMessageW
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowLongW
IsWindow
LoadBitmapW
wsprintfW
DrawStateW
DestroyIcon
GetWindowLongW
DrawFocusRect
DrawEdge
GetWindowDC
LoadImageW
GetClassNameW
GetComboBoxInfo
CopyRect
RedrawWindow
UpdateWindow
GetParent
InvalidateRect
OffsetRect
IsRectEmpty
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetSysColor
GetSystemMetrics
GrayStringW
ShowWindow
MoveWindow
SetWindowTextW
GetDlgCtrlID
IsDialogMessageW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowRgn
IsIconic
GetMenu
DrawIcon
GetClientRect
ReleaseDC
GetDC
GetWindowRect
FrameRect
InflateRect
GetForegroundWindow
SetForegroundWindow
SendMessageW
UnregisterClassW
LoadCursorW
SetSystemCursor
SendMessageTimeoutW
PostMessageW
EnableWindow
LoadIconW
LoadStringA
GetDesktopWindow
MessageBoxA
MessageBoxW
TranslateMessage
DefWindowProcW

gdi32

GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
GetRgnBox
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
SetTextAlign
GetTextExtentPoint32W
CreateFontIndirectW
SetMapMode
CreateSolidBrush
CreateRectRgn
CombineRgn
DeleteObject
GetPixel
CreateBitmap
GetDeviceCaps
SelectObject
PatBlt
GetTextColor
GetStockObject
GetViewportOrgEx
SetViewportOrgEx
GetObjectW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
LPtoDP
DPtoLP
GetMapMode
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW

shell32

SHGetSpecialFolderPathW
SHGetFileInfoW

comctl32

ord17
_TrackMouseEvent

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoTaskMemAlloc

oleaut32

SysAllocStringLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
VariantChangeType
OleLoadPicture
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocString
SysFreeString

Sections

.text
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d49cd30071ffbb7ed4f870a9a26e643

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 228KB - Virtual size: 225KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 3.9MB - Virtual size: 3.9MB

.text
Size: 228KB - Virtual size: 225KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 3.9MB - Virtual size: 3.9MB