Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-16_aa5e3ba42d906af63972887d99378a84_icedid.exe
Resource: win7-20240221-en
General
Target: 2024-04-16_aa5e3ba42d906af63972887d99378a84_icedid
Size: 2.5MB
MD5: aa5e3ba42d906af63972887d99378a84
SHA1: d9339dbe50d89e1e6c7bd7b3705d6a7a14849e22
SHA256: 8502618791af22e52e056075cb4501d0de9d735cad57e099fafca1f541d1de85
SHA512: f8e3c8e1e73f3dca3d5b2c11be569ab4ed71068ed42d9f48cb5eca80567734e670f77f8aa7544950b7b832a31ca1eed6eb2b71c867433631444923c23994171b
SSDEEP: 49152:jmac9/Vz4yCkFI8VXySAmfK87GP0GJzfUq63uG1NmQZHFpygUQJHivALCHCa4/CD:Cx9+OFZXySAmfKCGsGFUqmJpygUQJHi3
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 2024-04-16_aa5e3ba42d906af63972887d99378a84_icedid
Files
2024-04-16_aa5e3ba42d906af63972887d99378a84_icedid.exe (windows:5 windows x86 arch:x86)
417b71058471454fee4e74e448de550f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\Work_Project\00_DebugTool\source\x86\Release\RTDTool.pdb
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
kernel32
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
LoadLibraryW
GetProcAddress
FreeLibrary
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleFileNameW
CreateDirectoryW
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
DeleteFileW
SetLastError
GetLastError
GetModuleHandleW
WritePrivateProfileStringW
CreateMutexW
ReleaseMutex
GetPrivateProfileIntW
RemoveDirectoryW
Sleep
GetExitCodeThread
TerminateThread
TerminateProcess
GetPrivateProfileStringW
LocalAlloc
LocalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateThread
CloseHandle
LCMapStringW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
HeapSize
ExitThread
ExitProcess
GetFileType
SetStdHandle
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
GetConsoleMode
GetConsoleCP
CopyFileW
InitializeCriticalSectionAndSpinCount
RaiseException
RtlUnwind
WaitForSingleObject
InterlockedIncrement
GetThreadLocale
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetSystemDirectoryW
GetTempPathW
GetTempFileNameW
GetTickCount
lstrcpyW
GetCurrentDirectoryW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesW
GlobalGetAtomNameW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
InterlockedDecrement
GetModuleHandleA
GetCurrentProcessId
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrlenW
SetFilePointer
WriteFile
ReadFile
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
user32
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
EmptyClipboard
CloseClipboard
SetClipboardData
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
PostThreadMessageW
SetRectEmpty
WindowFromPoint
UnregisterClassW
ReleaseCapture
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
DestroyMenu
GetMenuItemInfoW
InflateRect
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
SystemParametersInfoW
MessageBeep
IsZoomed
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
MapVirtualKeyW
GetKeyNameTextW
ReleaseDC
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
CharUpperW
GetMenuStringW
InsertMenuW
RemoveMenu
WaitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
DefMDIChildProcW
DrawEdge
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetMenuItemID
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetFocus
DefFrameProcW
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongW
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
CheckDlgButton
IsWindow
GetDlgItem
DrawFrameControl
DrawFocusRect
SetCursorPos
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
MapVirtualKeyExW
DestroyCursor
GetWindowLongW
OffsetRect
PtInRect
CopyRect
GetDlgCtrlID
GetWindow
CharNextW
GetSubMenu
LoadMenuW
GetMessagePos
GetDC
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
FrameRect
IsChild
TranslateMDISysAccel
WinHelpW
IsClipboardFormatAvailable
RedrawWindow
LoadImageW
SetWindowRgn
LoadBitmapW
RegisterClassExW
GetSysColorBrush
LoadCursorW
SetRect
KillTimer
UnregisterDeviceNotification
RegisterDeviceNotificationW
EnableMenuItem
IsWindowVisible
InvalidateRect
SetActiveWindow
GetActiveWindow
SetTimer
PostMessageW
DrawIcon
GetSystemMetrics
IsIconic
DrawMenuBar
DeleteMenu
GetMenuItemCount
AppendMenuW
GetSystemMenu
LoadIconW
UnregisterHotKey
RegisterHotKey
ScreenToClient
GetCursorPos
GetWindowRect
GetClientRect
SetWindowPos
EnableWindow
GetParent
SendMessageW
GrayStringW
IsCharLowerW
gdi32
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetTextExtentPoint32W
SetRectRgn
GetMapMode
DPtoLP
GetTextMetricsW
OffsetRgn
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
CreateDIBSection
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CopyMetaFileW
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetTextColor
GetBkColor
GetDeviceCaps
BitBlt
DeleteObject
CombineRgn
CreateRectRgn
GetPixel
SelectObject
CreateCompatibleDC
GetStockObject
GetRgnBox
GetObjectW
CreateFontIndirectW
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyExW
RegQueryValueW
shell32
DragFinish
SHGetSpecialFolderPathW
ShellExecuteW
ShellExecuteExW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
SHAppBarMessage
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
StrToIntW
StrToIntExW
PathFileExistsW
StrToInt64ExW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
OleDuplicateData
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
CoRevokeClassObject
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoTaskMemFree
CoInitializeEx
IsAccelerator
CoTaskMemAlloc
OleTranslateAccelerator
oleaut32
SysStringLen
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
VariantChangeType
VariantClear
OleCreateFontIndirect
VariantInit
SysAllocStringLen
gdiplus
GdipDeleteGraphics
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipAlloc
GdipFree
ws2_32
WSAStartup
WSACleanup
closesocket
htonl
htons
inet_addr
accept
socket
select
bind
WSAGetLastError
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
gethostbyname
shutdown
setupapi
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 345KB - Virtual size: 345KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 27KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 575KB - Virtual size: 574KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 218KB - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE