E:\Jenkins\workspace\GA_12.1_Plugin\Starship\fxnet_release_v12.1\PluginSDK\Plugins\All\FXNET_FRD_Release\Track Review.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-16_78ca5131ed54f282c1b876fc74646721_icedid.exe
Resource: win7-20240215-en
General
Target: 2024-04-16_78ca5131ed54f282c1b876fc74646721_icedid
Size: 3.1MB
MD5: 78ca5131ed54f282c1b876fc74646721
SHA1: f7ce2522d0a0111846ef212de8d27e26461a2bbd
SHA256: f362bb4685bae01c4ade5b3d5c9c064be49989ee2adb76f4edf7ee67c8784a90
SHA512: fa5f200cd01be1ef718ac4c3b2fd614a5e373fb186e83d7e8e564a504c989c348df6a46545d3ffc2f041d779b581dee51fe9de83ef6b9b6aee8cd9c60f219e73
SSDEEP: 98304:CvkM6SlxSKTCZrxonULRqxuwcvUsBdi0nZz6:ykIxSxrx95Pzz6
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource 2024-04-16_78ca5131ed54f282c1b876fc74646721_icedid
Files
2024-04-16_78ca5131ed54f282c1b876fc74646721_icedid.exe (windows:6, windows x86, arch:x86)
30e307d1c47dceebe575660921576195
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
WideCharToMultiByte
WaitForSingleObject
ReleaseMutex
WaitForMultipleObjects
SetEvent
ResetEvent
LoadLibraryExA
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExW
GetConsoleMode
GetConsoleCP
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
RtlUnwind
GetACP
VirtualFree
VirtualAlloc
GetSystemInfo
ExitThread
SetFilePointerEx
GetTimeZoneInformation
LCMapStringW
GetCPInfo
GetStringTypeW
VirtualQuery
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
CreateMutexW
CloseHandle
CreateEventW
CreateFileMappingW
GetLastError
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleFileNameW
GlobalUnlock
GlobalFree
ResumeThread
FreeResource
lstrcpyW
lstrcpynW
CreateDirectoryW
DeleteFileW
GetDriveTypeW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
OutputDebugStringW
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExW
GetTempPathW
FindFirstFileW
FindClose
CreateFileW
GetSystemDirectoryW
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
WaitForSingleObjectEx
MultiByteToWideChar
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CopyFileW
FindNextFileW
OutputDebugStringA
Sleep
GetCurrentThread
GetCurrentProcess
LocalAlloc
LocalFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
DecodePointer
CreateThread
TerminateThread
GetCurrentThreadId
GetModuleHandleW
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetTempFileNameW
WriteFile
SetLastError
lstrcmpA
MulDiv
EncodePointer
GetModuleHandleA
LoadLibraryExW
LoadLibraryA
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
GlobalSize
FormatMessageW
GlobalGetAtomNameW
FileTimeToSystemTime
GetThreadLocale
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
SetThreadPriority
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalFlags
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
CompareStringW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
SetErrorMode
GetFileAttributesW
GetFileTime
GetUserDefaultLCID
GetTickCount
GetFileAttributesExW
GetFileSizeEx
GetCurrentDirectoryW
VerSetConditionMask
VerifyVersionInfoW
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
user32
GetSystemMenu
UnionRect
GetAsyncKeyState
GetSysColorBrush
CopyImage
RealChildWindowFromPoint
GetMenuItemInfoW
DrawStateW
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
TranslateMessage
GetMessageW
DestroyCursor
SetCursorPos
SendDlgItemMessageA
CharNextW
MapVirtualKeyW
GetKeyNameTextW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
CharUpperW
SetWindowRgn
SetRect
InvalidateRgn
CopyAcceleratorTableW
SetCapture
ReuseDDElParam
UnpackDDElParam
LoadImageW
GetDesktopWindow
OffsetRect
GetMenuDefaultItem
InsertMenuItemW
CreatePopupMenu
UnregisterClassW
SetDlgItemTextW
UnhookWindowsHookEx
SetWindowsHookExW
SetMenuDefaultItem
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
GetActiveWindow
BringWindowToTop
IntersectRect
SetParent
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
GetWindow
GetLastActivePopup
UpdateLayeredWindow
EnableScrollBar
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
LockWindowUpdate
PostThreadMessageW
GetIconInfo
HideCaret
InvertRect
SetClassLongW
OpenClipboard
CloseClipboard
RegisterClipboardFormatW
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
CopyRect
TrackMouseEvent
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
WaitMessage
GetNextDlgGroupItem
MessageBeep
IsZoomed
InflateRect
SetClipboardData
EmptyClipboard
NotifyWinEvent
MessageBoxW
FindWindowW
GetClassInfoW
RegisterClassW
SetTimer
IsIconic
wsprintfW
LoadStringW
KillTimer
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetWindowPos
SetForegroundWindow
SetActiveWindow
UpdateWindow
IsRectEmpty
LoadMenuW
GetSubMenu
DestroyMenu
GetMenuItemCount
AppendMenuW
DeleteMenu
GetKeyState
IsWindowEnabled
GetCursorPos
WindowFromPoint
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
SetRectEmpty
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetCapture
GetMenu
SetMenu
GetMenuItemID
TrackPopupMenu
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
CopyIcon
FrameRect
GetDoubleClickTime
ModifyMenuW
DestroyAcceleratorTable
CharUpperBuffW
ToUnicodeEx
GetKeyboardLayout
RemovePropW
GetWindowTextW
GetWindowTextLengthW
MapWindowPoints
GetKeyboardState
CreateAcceleratorTableW
GetComboBoxInfo
IsCharLowerW
MapVirtualKeyExW
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
EnumChildWindows
CreateMenu
GetWindowRgn
DrawTextW
DrawIcon
DestroyIcon
LoadIconW
EqualRect
LoadCursorW
SetCursor
GetSysColor
FillRect
InvalidateRect
SystemParametersInfoW
PostMessageW
AdjustWindowRectEx
IsWindow
GetClientRect
ReleaseDC
GetDC
GetSystemMetrics
GetParent
EnableWindow
ScreenToClient
ClientToScreen
PtInRect
GetWindowRect
SendMessageW
gdi32
GetTextFaceW
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
SetPaletteEntries
ExtFloodFill
OffsetRgn
Rectangle
SetDIBColorTable
SetPixel
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextMetricsW
GetTextColor
GetBkColor
LPtoDP
CreateDIBSection
Ellipse
CreateEllipticRgn
GetRgnBox
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
CreateDCW
CopyMetaFileW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
GetStockObject
GetObjectW
GetTextExtentPoint32W
CreateSolidBrush
DeleteObject
DeleteDC
SelectObject
CreateFontIndirectW
StretchBlt
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
CredGetTargetInfoW
CredFree
RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
comctl32
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Remove
ImageList_ReplaceIcon
InitCommonControlsEx
shlwapi
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFileExistsW
StrCmpW
uxtheme
IsAppThemed
DrawThemeText
DrawThemeBackground
GetThemeSysColor
DrawThemeParentBackground
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
OpenThemeData
CloseThemeData
GetThemeColor
GetThemePartSize
ole32
CoFreeUnusedLibraries
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize
OleInitialize
CoInitialize
CLSIDFromProgID
CoCreateGuid
CoInitializeEx
CoUninitialize
CLSIDFromString
CoCreateInstance
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleDraw
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
OleGetClipboard
IsAccelerator
oleaut32
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VarBstrFromDate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleLoadPicture
VariantChangeType
SysAllocStringLen
VariantCopy
VariantInit
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysFreeString
SysAllocString
LoadTypeLi
OleCreateFontIndirect
oledlg
OleUIBusyW
gdiplus
GdipFree
GdipLoadImageFromStream
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipReleaseDC
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipAlloc
GdipGetImageHeight
GdiplusShutdown
GdiplusStartup
mpr
WNetAddConnection2W
WNetCancelConnection2W
winhttp
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSetCredentials
WinHttpSetOption
WinHttpCrackUrl
WinHttpQueryAuthSchemes
WinHttpQueryOption
WinHttpWriteData
WinHttpSendRequest
WinHttpConnect
wininet
InternetGetConnectedState
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 725KB - Virtual size: 724KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 30KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 203KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 232KB - Virtual size: 236KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE