Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-16_d3f760364f88a7e72b3041c30e731b4c_icedid_magniber.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-16_d3f760364f88a7e72b3041c30e731b4c_icedid_magniber.exe
  Resource: win10v2004-20240412-en
General
  Target: 2024-04-16_d3f760364f88a7e72b3041c30e731b4c_icedid_magniber
  Size: 6.5MB
  MD5: d3f760364f88a7e72b3041c30e731b4c
  SHA1: c9c27c2756e4bd1a00e38775cf609d8ed4a88c3f
  SHA256: 6996dc069cb7e0bf81ad13068537b971c91b290d2fe58e473e8b397944bdd853
  SHA512: b3f9350d7185d757515f88805958e464398d231b60d36cb57d62dae810b594815a59ec05b018ee20aaa988a614464ac3a76a56eba241c2f9b2590d83ddfc5c93
  SSDEEP: 196608:GOuAX5Rt9Tunl142/e+/L+ukVL7LWWXChz:ptxsmbHW2CJ
Malware Config
Signatures
  Unsigned PE (1 IoC): checks for a missing Authenticode signature.
    resource: 2024-04-16_d3f760364f88a7e72b3041c30e731b4c_icedid_magniber
Files
  2024-04-16_d3f760364f88a7e72b3041c30e731b4c_icedid_magniber.exe
    Format: windows:6 windows x86 arch:x86
    e5fbd3d61c144cb189ffc63c4c939fe7
  Headers
    DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
    File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
RpcMgmtSetAuthorizationFn
RpcServerUseProtseqIfW
RpcServerUnregisterIf
I_RpcServerInqTransportType
RpcBindingSetOption
kernel32
GetFileSizeEx
GetFileTime
SetFileAttributesA
SystemTimeToTzSpecificLocalTime
VerSetConditionMask
VerifyVersionInfoA
GetDiskFreeSpaceA
GetTempFileNameA
ReplaceFileA
GetUserDefaultLCID
GetTempPathA
GetProfileIntA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
FileTimeToSystemTime
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetAtomNameA
FindNextFileW
FindFirstFileExW
SetErrorMode
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
OutputDebugStringW
GetFileAttributesExA
GetCPInfo
GetOEMCP
FindFirstFileExA
GetStringTypeExA
GetThreadLocale
MoveFileA
GetShortPathNameA
LoadLibraryExA
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetACP
lstrcmpiA
LocalUnlock
LocalLock
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CreateSemaphoreA
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ReleaseSemaphore
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FormatMessageA
MulDiv
GlobalSize
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
SetEvent
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
LocalFree
LocalAlloc
CopyFileA
FindNextFileA
FindFirstFileA
FindClose
GetCurrentThreadId
FindResourceExW
MultiByteToWideChar
GetVolumeInformationW
SystemTimeToFileTime
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
GetFileAttributesA
VirtualProtect
GetCurrentDirectoryA
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
TerminateThread
Process32Next
OpenFileMappingA
UnmapViewOfFile
MapViewOfFile
lstrcpynA
ReadFile
GetBinaryTypeA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CreateDirectoryA
CreateProcessA
WaitForSingleObject
WriteFile
DeleteFileA
CreateFileA
LoadLibraryA
lstrlenA
lstrcatA
lstrcpyA
WinExec
GetWindowsDirectoryA
WideCharToMultiByte
FindResourceW
FindResourceA
SizeofResource
LoadResource
GetConsoleProcessList
SetConsoleActiveScreenBuffer
FillConsoleOutputCharacterW
LCMapStringEx
IsNLSDefinedString
SetCalendarInfoA
LCMapStringA
RegisterApplicationRecoveryCallback
ReleaseActCtx
CancelTimerQueueTimer
SetTimerQueueTimer
GetNamedPipeServerProcessId
CreateNamedPipeA
FindNextFileNameW
FindFirstStreamW
EndUpdateResourceA
OpenWaitableTimerA
GetSystemRegistryQuota
LocalShrink
LockResource
FreeLibrary
CallbackMayRunLong
LeaveCriticalSectionWhenCallbackReturns
GetProcessWorkingSetSizeEx
GetNativeSystemInfo
GetComputerNameExW
GetProcessPriorityBoost
CreateProcessW
Sleep
CreateSemaphoreExW
WaitForSingleObjectEx
GetQueuedCompletionStatus
HeapWalk
WaitNamedPipeW
GetLastError
CloseHandle
SetFileInformationByHandle
FileTimeToLocalFileTime
SearchPathA
GetCommandLineW
Module32Next
Module32FirstW
WriteConsoleW
IsValidCodePage
CreateFileW
user32
UpdateLayeredWindow
UnionRect
FrameRect
SetCursorPos
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongA
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
MapDialogRect
GetAsyncKeyState
GetMenuItemInfoA
DestroyMenu
LoadImageW
TrackMouseEvent
LoadCursorW
ReleaseCapture
SetCapture
WaitMessage
CharUpperA
DestroyIcon
DeleteMenu
CopyImage
GetDialogBaseUnits
SetRect
GetTabbedTextExtentA
IsClipboardFormatAvailable
GetSysColorBrush
RealChildWindowFromPoint
MsgWaitForMultipleObjectsEx
WindowFromPoint
IntersectRect
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
GetComboBoxInfo
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
PostThreadMessageA
MessageBoxA
SendMessageA
IsIconic
EnableWindow
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
GetUpdateRect
GetDCEx
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendNotifyMessageA
MonitorFromRect
InSendMessage
GetSystemMetrics
DrawIcon
GetClientRect
GetWindowRect
GetSysColor
LoadIconW
GetMessagePos
IsWindow
SetTimer
KillTimer
GetDC
ReleaseDC
InvalidateRect
MessageBeep
SetCursor
ScreenToClient
InflateRect
PtInRect
SetWindowLongA
GetParent
LoadCursorA
CopyIcon
OffsetRect
wsprintfA
PostMessageA
UnregisterClassA
AttachThreadInput
SetForegroundWindow
AllowSetForegroundWindow
LockSetForegroundWindow
SystemParametersInfoA
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
MonitorFromPoint
WindowFromDC
GetWindowRgn
DestroyCursor
GetTabbedTextExtentW
MapWindowPoints
CreateMenu
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostQuitMessage
ShowOwnedPopups
GetWindowThreadProcessId
GetLastActivePopup
GetKeyNameTextA
MapVirtualKeyA
CopyRect
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
UnhookWindowsHookEx
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
FillRect
SendDlgItemMessageA
CallWindowProcA
DefWindowProcA
GetMessageTime
RegisterWindowMessageA
SetRectEmpty
gdi32
EndPage
AbortDoc
SetAbortProc
CreateCompatibleBitmap
CreateFontA
StretchDIBits
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
StartPage
Rectangle
GetRgnBox
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
EndDoc
GetCharWidthA
GetTextMetricsA
DPtoLP
SetRectRgn
GetMapMode
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
TextOutA
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
EnumFontFamiliesExA
GetObjectType
SetTextAlign
SetTextColor
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
CreateFontIndirectA
GetStockObject
GetTextExtentPoint32A
GetObjectA
CreateBitmap
CreateRectRgnIndirect
PatBlt
CopyMetaFileA
CreateDCA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
SetWorldTransform
Escape
msimg32
TransparentBlt
AlphaBlend
comdlg32
FindTextA
ReplaceTextW
winspool.drv
GetJobA
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
CryptGetKeyParam
CryptSetKeyParam
CryptDestroyKey
CryptReleaseContext
RegCreateKeyExA
RegOpenKeyExW
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
ChangeServiceConfig2A
RegUnLoadKeyA
RegLoadKeyA
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
ShellExecuteA
SHGetFolderPathA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetMalloc
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteExA
shlwapi
PathAppendA
SHSetValueA
SHGetValueA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
uxtheme
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsAppThemed
ole32
StgCreateDocfile
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
StgOpenStorage
CoTreatAsClass
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
GetHGlobalFromILockBytes
OleLockRunning
OleSetMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleGetIconOfClass
OleRun
OleFlushClipboard
OleSetClipboard
PropVariantCopy
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
StringFromGUID2
CoDisconnectObject
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
StgOpenStorageOnILockBytes
oleaut32
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
VariantChangeType
VariantClear
SafeArrayGetLBound
SysAllocStringLen
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
LoadTypeLi
VariantInit
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetUBound
SysFreeString
SafeArrayLock
oledlg
ord8
secur32
SaslGetProfilePackageA
InitSecurityInterfaceA
SetContextAttributesW
ChangeAccountPasswordA
FreeCredentialsHandle
CompleteAuthToken
wininet
InternetTimeToSystemTimeW
InternetErrorDlg
InternetDial
InternetGetLastResponseInfoA
InternetSetStatusCallbackW
FtpFindFirstFileW
netapi32
NetUserEnum
gdiplus
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateBitmapFromStream
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
  Section  Size   Virtual size  Flags
  .text    2.6MB  2.6MB         IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata   603KB  602KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data    36KB   60KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc    3.3MB  3.3MB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ