PDB path: c:\dms\m\Bin\Release\DMSTools.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-18_d7be333f45b0a5bb7a3c67d82734d6b7_icedid.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-04-18_d7be333f45b0a5bb7a3c67d82734d6b7_icedid.exe
Resource
win10v2004-20240412-en
General
- Target: 2024-04-18_d7be333f45b0a5bb7a3c67d82734d6b7_icedid
- Size: 5.5MB
- MD5: d7be333f45b0a5bb7a3c67d82734d6b7
- SHA1: 55a4ddcee426b640024b1c74e0cde93ce5916d7d
- SHA256: c343e0c63bfc4992564871fe2b5adb5af789932c38180798a5d4e610d9c4e057
- SHA512: aca3b76b90ad9afaf69cb97c7d4f61806338bfb7bd8649724dbb50db853840c694d21883f39bcfc53b2f6f244ca936a1f23fc76c1d0a5b70e6f671dc8fadf41b
- SSDEEP: 98304:lV2kRkQ5OhxAYYIbsbDmCzp3c6HvC0kVZxAscv6WCTa:j2kGQ5qATugDmCzhFK9ZxAns
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-04-18_d7be333f45b0a5bb7a3c67d82734d6b7_icedid
No other static or behavioral signature is recorded for this sample, and no family-specific detection (IcedID included, despite the "_icedid" suffix of the submitted filename) appears on this page. A missing Authenticode signature is a weak indicator on its own: it means only that no certificate table is attached to the PE, which is equally true of a great deal of unsigned legitimate software. What the static data does show is a 32-bit GUI application that links the MATLAB Engine API (libeng: engOpen/engEvalString; libmx: mxCreateDoubleMatrix_730), carries the debug path c:\dms\m\Bin\Release\DMSTools.pdb, and imports mscoree!_CorExeMain, the entry point used by managed and mixed-mode images. Imports worth a second look during triage are process launch (WinExec, CreateProcessA, ShellExecuteA), CryptoAPI encryption (CryptEncrypt/CryptDecrypt with CryptDeriveKey), Winsock client and server calls (connect, bind, listen, accept), adapter and DNS enumeration (GetAdaptersInfo, DnsQueryConfig), and ACL modification (SetFileSecurityA). None of these is malicious by itself; whether they are exercised is a question for the two behavioral runs listed above, whose results are not part of this page.
Files
- 2024-04-18_d7be333f45b0a5bb7a3c67d82734d6b7_icedid.exe (windows:4 windows x86 arch:x86)
  Import hash (imphash): db9caaa64fc9d1ab262fcf2b4a10a921
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\dms\m\Bin\Release\DMSTools.pdb
Imports
libeng
engOpen
engPutVariable
engClose
engEvalString
kernel32
GetUserDefaultLangID
FindResourceExA
WinExec
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SetEvent
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
CompareStringA
CompareStringW
GetStringTypeExA
SizeofResource
LockResource
LoadResource
FindResourceA
DeleteFileA
CreateDirectoryA
GetModuleFileNameA
MulDiv
SetThreadPriority
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
GetTempFileNameA
Sleep
SetFilePointer
GlobalMemoryStatus
GetThreadPriority
ResetEvent
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalUnlock
lstrcpyA
GlobalLock
GlobalAlloc
CopyFileA
MoveFileA
lstrcpynA
GetCurrentThreadId
CreateProcessA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcAddress
GetModuleHandleA
lstrcmpW
lstrcatA
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
FreeResource
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
CloseHandle
ResumeThread
SuspendThread
CreateEventA
LocalFree
FormatMessageA
GlobalSize
GlobalFree
SetLastError
ReadFile
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
GetShortPathNameA
GetFileAttributesA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
InterlockedDecrement
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTickCount
GetProfileIntA
LocalFileTimeToFileTime
SystemTimeToFileTime
GlobalFlags
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
SetErrorMode
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
GetDriveTypeA
TerminateProcess
GetTimeFormatA
GetDateFormatA
OutputDebugStringA
HeapReAlloc
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
SetEnvironmentVariableA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
user32
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
RegisterClassA
SetWindowPlacement
CallWindowProcA
SystemParametersInfoA
WindowFromPoint
RegisterWindowMessageA
wsprintfA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
WinHelpA
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
SetCursor
PeekMessageA
GetCapture
LoadAcceleratorsA
SetActiveWindow
IsIconic
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetLastActivePopup
BringWindowToTop
SetMenu
IsWindowEnabled
CreateMenu
EnableScrollBar
IsCharAlphaNumericA
GetTopWindow
RemovePropA
LoadMenuIndirectA
CreateIconIndirect
FrameRect
DrawStateA
DrawIconEx
TranslateAcceleratorA
IntersectRect
SetRect
UnhookWindowsHookEx
IsDialogMessageA
SetWindowsHookExA
CallNextHookEx
SetWindowTextA
GetDlgItem
GetClassInfoA
DefWindowProcA
LoadCursorA
GetNextDlgGroupItem
LoadBitmapA
LoadIconA
EnumChildWindows
EmptyClipboard
SetClipboardData
ReleaseCapture
SetCapture
GetDC
ReleaseDC
ClientToScreen
CopyRect
GetPropA
SetPropA
GetClassInfoExA
GetClassLongA
CreateWindowExA
InflateRect
SetParent
UpdateWindow
ShowWindow
SetFocus
GetParent
SetWindowPos
GetClassNameA
IsRectEmpty
EqualRect
PtInRect
IsZoomed
DispatchMessageA
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
GetIconInfo
SendDlgItemMessageA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
KillTimer
GetCursorPos
GetActiveWindow
OpenClipboard
GetClipboardData
CloseClipboard
BeginDeferWindowPos
MoveWindow
CreateAcceleratorTableA
DeferWindowPos
GetWindowRgn
GetAsyncKeyState
EndDeferWindowPos
SetRectEmpty
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetSystemMenu
GetWindowLongA
GetWindowPlacement
GetSystemMetrics
GetFocus
IsChild
SetTimer
InvalidateRect
IsWindow
GetDesktopWindow
GetClientRect
LoadMenuA
OffsetRect
GetWindow
RedrawWindow
SendMessageA
PostMessageA
UnregisterClassA
ModifyMenuA
SetMenuItemBitmaps
MapVirtualKeyA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
PostQuitMessage
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
RemoveMenu
InsertMenuA
AppendMenuA
GetMenuStringA
FindWindowA
DrawIcon
SetWindowRgn
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
WaitMessage
BeginPaint
EndPaint
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetMenuItemInfoA
DeleteMenu
GetSysColorBrush
IsClipboardFormatAvailable
PostThreadMessageA
GetSysColor
MessageBeep
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
IsMenu
GetCursor
LoadImageA
DrawFocusRect
DrawFrameControl
DestroyCursor
EnableWindow
GetWindowRect
IsWindowVisible
ScreenToClient
InvalidateRgn
CopyAcceleratorTableA
CharNextA
DestroyIcon
LockWindowUpdate
GetDCEx
FillRect
UnionRect
CharUpperA
GetWindowDC
gdi32
GetTextFaceA
GetWindowOrgEx
CreateEllipticRgnIndirect
EnumFontFamiliesExA
RoundRect
CreateDIBitmap
ExtCreateRegion
GetTextCharset
EnumFontFamiliesA
GetNearestColor
CreatePalette
StretchBlt
RealizePalette
OffsetRgn
CreateRoundRectRgn
GetViewportOrgEx
CreatePolygonRgn
SetDIBits
GetRgnBox
GetTextColor
CombineRgn
SetRectRgn
ExtCreatePen
SelectPalette
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
RestoreDC
SaveDC
CreateEllipticRgn
CopyMetaFileA
GetDeviceCaps
PatBlt
SetBkColor
GetClipBox
GetTextMetricsA
Ellipse
SetPixel
CreatePen
MoveToEx
LineTo
FillRgn
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32A
Rectangle
GetBitmapDimensionEx
SetBitmapBits
CreateFontA
DeleteObject
SetTextColor
SelectObject
CreateFontIndirectA
SetDIBitsToDevice
SetBkMode
GetStockObject
CreateSolidBrush
GetDIBits
LPtoDP
CreateBitmap
CreateDIBSection
GetMapMode
DPtoLP
GetBkColor
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
GetBitmapBits
FrameRgn
comdlg32
ChooseColorA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegCreateKeyExA
RegSetValueExA
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptDecrypt
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegDeleteValueA
RegCreateKeyA
RegQueryInfoKeyA
shell32
DragQueryPoint
ExtractIconA
SHGetFileInfoA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileA
DragFinish
SHChangeNotify
DragAcceptFiles
ShellExecuteA
comctl32
ImageList_Draw
ImageList_GetImageInfo
ImageList_Read
ImageList_Write
ImageList_Destroy
ord17 (import by ordinal, no name)
ImageList_AddMasked
ImageList_GetIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Duplicate
ImageList_LoadImageA
ImageList_Create
shlwapi
PathStripToRootA
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
oledlg
ord8 (import by ordinal, no name)
ole32
CoRegisterMessageFilter
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
OleLoadFromStream
WriteClassStm
OleSaveToStream
CoInitialize
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoTaskMemFree
oleaut32
OleCreateFontIndirect
VarBstrFromDate
VarDateFromStr
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
ws2_32
closesocket
accept
socket
select
htons
bind
WSAGetLastError
WSAStartup
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
htonl
inet_ntoa
inet_addr
ntohl
gethostname
gethostbyname
listen
WSACleanup
iphlpapi
GetAdaptersInfo
dnsapi
DnsQueryConfig
winmm
PlaySoundA
msvfw32
ICGetInfo
ICOpen
ICDecompress
ICCompress
ICClose
ICInfo
ICSendMessage
libmx
mxGetPr
mxDestroyArray
mxCreateDoubleMatrix_730
mscoree
_CorExeMain
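Two things a practitioner does with an import table like the one above: recompute the import hash so the sample can be pivoted on across reports, and pull out the API groups that deserve a second look. The following is an added example written for this page, not Triage's or pefile's code. It applies the normalisation that pefile's get_imphash documents (lower-case, strip a .dll/.ocx/.sys suffix, "ordN" for unnamed ordinal imports, "dll.func" entries joined by commas and hashed with MD5). SAMPLE_IMPORTS is a constructed subset of the table above in the table's order; the API_GROUPS buckets are my own heuristic, not a detection the report contains.

```python
"""Import-table triage: imphash plus a capability summary. Added example for
this page, not Triage's or pefile's code. Normalisation follows the rules
pefile's get_imphash documents; SAMPLE_IMPORTS is a constructed subset of the
report's import table in the report's order."""
import hashlib

STRIP_EXTS = ("ocx", "sys", "dll")

# Constructed subset of the import table above (order preserved).
SAMPLE_IMPORTS = [
    ("libeng", ["engOpen", "engPutVariable", "engClose", "engEvalString"]),
    ("kernel32", ["GetUserDefaultLangID", "FindResourceExA", "WinExec", "CreateProcessA"]),
    ("advapi32", ["CryptAcquireContextA", "CryptDeriveKey", "CryptEncrypt", "CryptDecrypt"]),
    ("comctl32", ["ImageList_Draw", "ord17"]),
    ("winspool.drv", ["OpenPrinterA"]),
    ("ws2_32", ["socket", "connect", "send", "recv"]),
    ("iphlpapi", ["GetAdaptersInfo"]),
    ("mscoree", ["_CorExeMain"]),
]

# Heuristic buckets (assumption, not a report signature); every one of these
# APIs is also routine in benign software, so hits are leads, not verdicts.
API_GROUPS = {
    "process execution": {"WinExec", "CreateProcessA", "ShellExecuteA"},
    "CryptoAPI": {"CryptAcquireContextA", "CryptDeriveKey", "CryptEncrypt", "CryptDecrypt", "CryptHashData"},
    "sockets": {"socket", "connect", "send", "recv", "sendto", "recvfrom", "gethostbyname", "bind", "listen", "accept"},
    "host and network recon": {"GetAdaptersInfo", "DnsQueryConfig", "gethostname", "GetVolumeInformationA"},
    "persistence-capable writes": {"RegSetValueExA", "RegSetValueA", "RegCreateKeyExA", "SetFileSecurityA"},
    "managed entry point": {"_CorExeMain"},
}


def normalise_imports(imports):
    """[(dll, [names...])] in table order -> ['dll.func', ...] as imphash expects."""
    out = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in STRIP_EXTS:      # kernel32.dll -> kernel32; winspool.drv is kept whole
            lib = base
        for func in funcs:
            # An import by ordinal with no name is written 'ordN' (e.g. comctl32.ord17).
            # The names shown for ws2_32/oleaut32 above are already resolved, which
            # is what pefile's ordinal tables for those two DLLs produce as well.
            out.append(f"{lib}.{func.lower()}")
    return out


def imphash(imports):
    """MD5 over the comma-joined normalised entries; order matters."""
    return hashlib.md5(",".join(normalise_imports(imports)).encode()).hexdigest()


def notable_imports(imports):
    """Map each API group to the imported names that fall in it, in table order."""
    hits = {group: [] for group in API_GROUPS}
    for _dll, funcs in imports:
        for func in funcs:
            for group, names in API_GROUPS.items():
                if func in names:
                    hits[group].append(func)
    return {group: names for group, names in hits.items() if names}


if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    for group, names in notable_imports(SAMPLE_IMPORTS).items():
        print(f"{group}: {', '.join(names)}")
```

Running it over the full table above, in the order the report prints it, should reproduce the imphash listed in the Files entry if that listing follows the same ordering; a mismatch usually means a different DLL order or a differently resolved ordinal rather than a different binary.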
Sections
.text Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 832KB - Virtual size: 828KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ