2024-04-16_4839ee42d07186b5da20be7b290004a6_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-16_4839ee42d07186b5da20be7b290004a6_icedid
Size

4.8MB
MD5

4839ee42d07186b5da20be7b290004a6
SHA1

8ec7dfd96a9dd10c4e411af12f24ab8ca6f987a4
SHA256

c6ceaf4b1038122b52758a737f6455c2ea3d0b113b7e9b69ac3b1f9fcbec8e2f
SHA512

0a9a46d3b420b373ede5c232005bb0c0a7db21ce3e483454792d9414c7e175e801276c86290569fefe7c7d625a4d121f519961f511c8267974fdfbf466c5a2b5
SSDEEP

98304:3Tx9b/cquYsdNtreq/bkQs4CIhYZ6YTwBs4/f/b3o:3Tx9bKYsdNtCabl5T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-16_4839ee42d07186b5da20be7b290004a6_icedid

Files

2024-04-16_4839ee42d07186b5da20be7b290004a6_icedid
.exe windows:5 windows x86 arch:x86

1d585bc36448fc9f1601ca15bfe7e623

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\ZOMVWR\Debug\ZOOM_Viewer.pdb

Imports

kernel32

FileTimeToLocalFileTime
FindResourceA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
InterlockedCompareExchange
CreateFileW
SetEnvironmentVariableA
CompareStringW
GetTimeZoneInformation
CreateProcessA
GetExitCodeProcess
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
HeapReAlloc
HeapSize
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
QueryPerformanceCounter
GetConsoleMode
GetConsoleCP
GetProcessHeap
HeapAlloc
HeapFree
InitializeCriticalSectionAndSpinCount
SetHandleCount
IsValidCodePage
GetACP
LCMapStringW
LCMapStringA
LoadLibraryW
SetConsoleCtrlHandler
FatalAppExitA
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
ExitThread
CreateThread
VirtualQuery
GetSystemInfo
VirtualAlloc
IsBadReadPtr
HeapValidate
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
DebugBreak
ExitProcess
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
RaiseException
SetFileAttributesA
LocalFileTimeToFileTime
GetFileSizeEx
GetShortPathNameA
lstrcmpiA
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GetCurrentDirectoryA
FindResourceExA
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
GetModuleHandleW
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetOEMCP
GetCPInfo
InterlockedDecrement
GetModuleFileNameW
GetAtomNameA
SetErrorMode
GlobalFlags
GetProfileIntA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetTickCount
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle
InterlockedExchange
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
VirtualProtect
GetCurrentProcessId
MulDiv
lstrlenW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenA
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
CompareStringA
SetLastError
MultiByteToWideChar
LoadLibraryA
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GetVersionExA
GlobalLock
GetLastError
GlobalUnlock
GlobalFree
FreeResource
SetCurrentDirectoryA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
OpenEventA

user32

GetClipboardFormatNameA
GetDialogBaseUnits
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
ModifyMenuA
InsertMenuItemA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
FillRect
DestroyCursor
RegisterClipboardFormatA
GetCursorPos
GetMessageA
TranslateMessage
GetAsyncKeyState
SetRectEmpty
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetWindowThreadProcessId
SetCursor
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
PostQuitMessage
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
GetKeyNameTextA
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
SetCapture
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
DragDetect
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
RegisterWindowMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconA
SetWindowLongA
GetWindowLongA
IsWindowEnabled
GetDlgItem
DestroyWindow
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
MapVirtualKeyA
CharUpperA
DestroyIcon
CopyAcceleratorTableA
MessageBeep
PtInRect
ScrollWindow
GetScrollInfo
InSendMessage
IsRectEmpty
UnregisterClassA
IsClipboardFormatAvailable
WaitMessage
CreateCaret
CreateDialogIndirectParamA
EnableWindow
MsgWaitForMultipleObjects
IsWindowUnicode
GetMessageW
DispatchMessageW
SubtractRect
UnionRect
InflateRect
SetRect
IsWindow
SetActiveWindow
GetActiveWindow
GetDesktopWindow
EndDialog
MapDialogRect
SendMessageA
PostMessageA
TabbedTextOutA
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetMessagePos
GetMessageTime
GetMenu
SetMenu
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetDlgCtrlID
GetKeyState
GetWindowTextA
GetWindowTextLengthA
SetWindowPlacement
TrackPopupMenu
TrackPopupMenuEx
WinHelpA
GetCapture
GetWindow
GetParent
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
SetScrollInfo
CharNextA

gdi32

EnumObjects
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetBrushOrgEx
AngleArc
CreateICA
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
EnumFontFamiliesExA
GetTextExtentPointA
DeleteMetaFile
SetPixelV
GetBrushOrgEx
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
GetNearestPaletteIndex
CreatePolyPolygonRgn
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
GetArcDirection
SetPaletteEntries
AnimatePalette
CreateMetaFileA
CloseMetaFile
CreateEnhMetaFileA
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
UnrealizeObject
GetStockObject
GetObjectType
CreateFontA
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchDIBits
DeleteDC
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
ExtTextOutA
CloseEnhMetaFile
ResizePalette

comdlg32

GetFileTitleA

winspool.drv

GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyA
SetThreadToken
RevertToSelf
OpenThreadToken
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles

comctl32

ord17

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathFindExtensionA
PathStripToRootA

oledlg

ord3
ord7
ord6
ord5
ord9
ord4
ord8

ole32

OleGetIconOfClass
WriteClassStm
OleSaveToStream
OleIsRunning
GetRunningObjectTable
CoLockObjectExternal
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateOleAdviseHolder
CreateDataAdviseHolder
OleGetClipboard
OleQueryCreateFromData
OleQueryLinkFromData
OleSetMenuDescriptor
DoDragDrop
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
OleLockRunning
CreateStreamOnHGlobal
GetClassFile
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
OleRun
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleRegGetMiscStatus
GetHGlobalFromILockBytes
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoDisconnectObject
CoUninitialize
CoInitializeEx
CoCreateInstance
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemFree
OleDuplicateData
StgIsStorageILockBytes
OleSave
OleLoad
OleCreate
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
OleRegEnumVerbs
OleCreateLinkToFile

oleaut32

SystemTimeToVariantTime
SysFreeString
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetDim
SafeArrayGetElemsize
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
VariantChangeType

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d585bc36448fc9f1601ca15bfe7e623

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.rdata Size: 619KB - Virtual size: 619KB

.data Size: 25KB - Virtual size: 42KB

.rsrc Size: 103KB - Virtual size: 102KB

.text
Size: 4.0MB - Virtual size: 4.0MB

.rdata
Size: 619KB - Virtual size: 619KB

.data
Size: 25KB - Virtual size: 42KB

.rsrc
Size: 103KB - Virtual size: 102KB