d:\Sources\PhraseBook2007\Release_NT\PhraseBook.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-18_23d861e7224df8284abe69cf0350d07c_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-18_23d861e7224df8284abe69cf0350d07c_icedid.exe
  Resource: win10v2004-20240412-en
General
Target: 2024-04-18_23d861e7224df8284abe69cf0350d07c_icedid
Size: 1.4MB
MD5: 23d861e7224df8284abe69cf0350d07c
SHA1: e20634142f1bdf03a74a238321f98e49f2781f48
SHA256: b988ffcafad00c90879ad30dda0391caba12bf4dd9b9bfe9ca59bcd1a0ad726f
SHA512: db915b24546b29817665d954a898eeee25109e08cd2365efc1b1b61dba29421db0d95acf08d25bb941be47c272c44294ecdb9ddaec53b3cea26d8c0c84404972
SSDEEP: 24576:Vi1+TmjEhUd9SEy+h/l8kuthw91eOuaXLQYX62KgeLUj/ocH:Vi1/gid9SHK1uwvJuaXLQYX62KgeLU3H
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-04-18_23d861e7224df8284abe69cf0350d07c_icedid
Files
2024-04-18_23d861e7224df8284abe69cf0350d07c_icedid.exe windows:4 windows x86 arch:x86
  92f7552355e35a3e8684b9bebeabc578
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
winmm
waveInAddBuffer
waveInStart
waveInGetErrorTextW
waveInOpen
waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
waveOutWrite
waveOutPrepareHeader
waveOutOpen
waveOutReset
waveOutClose
waveInPrepareHeader
waveOutUnprepareHeader
kernel32
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesW
GetFileAttributesW
GetFileTime
LocalUnlock
LocalLock
GetTempFileNameW
GetDiskFreeSpaceW
GetStartupInfoW
ExitProcess
RtlUnwind
FindFirstFileA
FindNextFileA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
TerminateProcess
ExitThread
HeapSize
SetErrorMode
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetCPInfo
FatalAppExitA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadWritePtr
GetTimeZoneInformation
GetOEMCP
SetStdHandle
CreateFileA
IsBadReadPtr
IsBadCodePtr
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
GlobalGetAtomNameW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
GetStringTypeExW
DeleteFileW
MoveFileW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
lstrcmpiA
ConvertDefaultLocale
EnumResourceLanguagesW
LoadLibraryW
GetLocaleInfoW
SystemTimeToFileTime
FileTimeToSystemTime
InterlockedIncrement
lstrcmpA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
FreeLibrary
GetModuleHandleW
GetVersionExA
FreeResource
WritePrivateProfileStringW
GetPrivateProfileIntW
SetLastError
CopyFileW
MulDiv
FormatMessageW
LoadLibraryA
GetProcAddress
LocalFree
WinExec
lstrcatW
lstrcpyW
lstrcmpW
CreateMutexW
CreateMailslotW
IsValidLocale
ReleaseMutex
GetLastError
GetVersion
RaiseException
lstrlenW
InterlockedDecrement
GetModuleFileNameW
CreateDirectoryW
FindNextFileW
lstrcpynW
OutputDebugStringW
LocalAlloc
GlobalFree
CreateFileW
WriteFile
FindFirstFileW
FindClose
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GetPrivateProfileStringW
GetCurrentDirectoryW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
WaitForSingleObject
CreateThread
CloseHandle
LeaveCriticalSection
EnterCriticalSection
Sleep
InitializeCriticalSection
GetStdHandle
user32
CharUpperW
GetSysColorBrush
GetDialogBaseUnits
GetDCEx
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatW
GetNextDlgGroupItem
MessageBeep
DeleteMenu
DestroyIcon
GetSystemMenu
SetParent
GetTabbedTextExtentW
PostThreadMessageW
SetRectEmpty
IsRectEmpty
MapVirtualKeyW
GetKeyNameTextW
GetCursorPos
WindowFromPoint
SetRect
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SystemParametersInfoW
DestroyMenu
InflateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ScrollWindowEx
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
UnregisterClassA
GetFocus
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
GetMessageW
GetScrollPos
ShowScrollBar
IsWindowVisible
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoW
RegisterClassW
SetWindowPlacement
DefWindowProcW
CallWindowProcW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
GetWindowDC
InvalidateRect
UnregisterClassW
LoadAcceleratorsW
FindWindowW
GetWindowLongW
ShowWindow
SetForegroundWindow
TranslateAcceleratorW
RegisterWindowMessageW
CreateWindowExW
SetWindowLongW
ClipCursor
SetCursorPos
MessageBoxA
SetCursor
GetDC
ReleaseDC
GetSystemMetrics
LoadIconW
LoadCursorW
KillTimer
SetTimer
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
IsIconic
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
CharNextW
SetMenu
GetMenu
SendMessageW
GetMenuState
CheckMenuItem
DrawIcon
FillRect
LoadBitmapW
wsprintfW
ModifyMenuW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
ReleaseCapture
SetCapture
InvalidateRgn
CopyAcceleratorTableW
SetScrollPos
UnionRect
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
EnableWindow
OpenClipboard
LockWindowUpdate
UpdateWindow
PostMessageW
LoadMenuW
GetSubMenu
EnableMenuItem
GetKeyState
MessageBoxW
PeekMessageW
GetDlgCtrlID
SendDlgItemMessageA
gdi32
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
PtVisible
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetBkColor
CreateRectRgnIndirect
PatBlt
StretchDIBits
GetCharWidthW
CreateFontW
GetRgnBox
GetTextColor
GetTextMetricsW
PolyBezierTo
CombineRgn
GetMapMode
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
StartDocW
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetObjectW
SelectObject
GetDIBits
DeleteDC
GetPixel
StretchBlt
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetRectRgn
CreateFontIndirectW
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
CreateBitmap
SetBkColor
RectVisible
comdlg32
FindTextW
CommDlgExtendedError
ReplaceTextW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW
PageSetupDlgW
GetFileTitleW
winspool.drv
DocumentPropertiesW
GetJobW
OpenPrinterW
ClosePrinter
advapi32
RegCreateKeyW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegQueryValueExA
RegOpenKeyExA
RegSetValueW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
GetFileSecurityW
SetFileSecurityW
RegCloseKey
RegQueryValueW
RegEnumKeyW
shell32
ExtractIconW
SHGetSpecialFolderPathW
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW
comctl32
ImageList_AddMasked
ord17
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
ImageList_Merge
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
WriteFmtUserTypeStg
CoRegisterMessageFilter
CoTaskMemFree
WriteClassStg
OleFlushClipboard
OleIsCurrentClipboard
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateStreamOnHGlobal
CreateBindCtx
ReleaseStgMedium
OleDuplicateData
StringFromCLSID
CoTreatAsClass
CoDisconnectObject
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
SetConvertStg
CLSIDFromString
oleaut32
SysFreeString
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
CreateErrorInfo
SetErrorInfo
GetErrorInfo
LoadRegTypeLi
DispCallFunc
VariantChangeType
VariantCopy
VarBstrCmp
SysAllocStringLen
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SysAllocString
Sections
.text Size: 564KB - Virtual size: 563KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 177KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 540KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 691KB - Virtual size: 691KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ