Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-19_54b651da5b379f2aeabc125f2091d03f_icedid_magniber.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-04-19_54b651da5b379f2aeabc125f2091d03f_icedid_magniber.exe
Resource: win10v2004-20240226-en
General
Target: 2024-04-19_54b651da5b379f2aeabc125f2091d03f_icedid_magniber
Size: 5.1MB
MD5: 54b651da5b379f2aeabc125f2091d03f
SHA1: 6f947fe949a30e3a35a664ee22f017ff6236fd51
SHA256: bff78527e807aa749a31af74823a8565d28f156226950815f01297f094d8befe
SHA512: 8aceb24980de91ba43a9b15e9fdad87c65255c9614e3ecea816be347399837a366ce70aaa8f5f88be6209ddb3928575db7a218820c15f9e41bfc5d57ba34f31d
SSDEEP: 98304:uc16YVkkgnLBOBKcZ9RwPpu+DByFcBfWC7RDz6xaskAmtMB9FAe+nWOBElb:uc1vTyM3wxjTWCR6xaskir+jS
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-04-19_54b651da5b379f2aeabc125f2091d03f_icedid_magniber
Files
2024-04-19_54b651da5b379f2aeabc125f2091d03f_icedid_magniber.exe windows:6 windows x86 arch:x86
d95e4953a8af70044c4bddf5a2cfc66d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
RpcIfIdVectorFree
RpcEpRegisterA
NdrRpcSsDisableAllocate
RpcMgmtEpEltInqNextA
NdrNonEncapsulatedUnionMarshall
kernel32
GetFileTime
SetFileAttributesA
SystemTimeToTzSpecificLocalTime
VerSetConditionMask
VerifyVersionInfoA
GetDiskFreeSpaceA
GetTempFileNameA
ReplaceFileA
GetUserDefaultLCID
GetTempPathA
GetProfileIntA
SearchPathA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetOEMCP
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualProtect
FindNextFileW
GetFileAttributesExA
FindFirstFileExA
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CompareStringEx
GetStringTypeW
LCMapStringEx
OutputDebugStringW
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
FindFirstFileExW
FileTimeToSystemTime
GetAtomNameA
GetStringTypeExA
GetThreadLocale
MoveFileA
GetShortPathNameA
LoadLibraryExA
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
GetACP
lstrcmpiA
LocalUnlock
LocalLock
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CreateSemaphoreA
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ReleaseSemaphore
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FormatMessageA
MulDiv
GlobalSize
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
SetEvent
GlobalFree
GlobalUnlock
GetSystemDirectoryW
EncodePointer
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetVersionExA
GetCurrentThread
SetLastError
OutputDebugStringA
LocalFree
LocalAlloc
CopyFileA
FindNextFileA
FindFirstFileA
FindClose
GetCurrentThreadId
FindResourceExW
GetVolumeInformationW
MultiByteToWideChar
SetFileTime
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetCPInfo
SystemTimeToFileTime
SetFilePointer
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
TerminateThread
Process32Next
MapViewOfFile
ReadFile
lstrcpynA
CreateDirectoryA
GetModuleFileNameA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetTickCount
DeleteFileA
WaitForSingleObject
CreateProcessA
WriteFile
CreateFileA
WinExec
lstrlenA
lstrcatA
lstrcpyA
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
FindResourceA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
ReadProcessMemory
GetSystemDefaultLocaleName
GetApplicationRestartSettings
GetNativeSystemInfo
ReadDirectoryChangesW
GetProcessAffinityMask
GenerateConsoleCtrlEvent
OpenFileMappingA
GetLongPathNameW
FlsFree
CloseHandle
Sleep
GetCommandLineW
NotifyUILanguageChange
GetLocaleInfoEx
FindFirstChangeNotificationW
MoveFileTransactedW
GetDefaultCommConfigW
CreateThreadpoolWait
MapViewOfFileExNuma
GetCurrentActCtx
CreateIoCompletionPort
LeaveCriticalSectionWhenCallbackReturns
GetCurrencyFormatEx
CreateFileMappingNumaA
VirtualFreeEx
IsDBCSLeadByte
GetConsoleAliasW
CreateDirectoryExW
UnmapViewOfFile
GlobalAlloc
GetCalendarInfoA
CheckNameLegalDOS8Dot3W
TerminateJobObject
GetSystemWindowsDirectoryW
GetCPInfoExA
CancelTimerQueueTimer
SetConsoleMode
GetSystemFirmwareTable
GetBinaryTypeA
AttachConsole
GetLastError
WriteConsoleW
IsValidCodePage
CreateFileW
user32
UpdateLayeredWindow
UnionRect
FrameRect
SetCursorPos
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongA
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
GetMenuDefaultItem
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
GetMenuItemInfoA
DestroyMenu
CharUpperA
DestroyIcon
GetSysColorBrush
GetDialogBaseUnits
SetRect
GetTabbedTextExtentA
IsClipboardFormatAvailable
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
ReleaseCapture
SetCapture
WaitMessage
MsgWaitForMultipleObjectsEx
IntersectRect
WindowFromPoint
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
OffsetRect
SetRectEmpty
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
GetComboBoxInfo
WinHelpA
GetScrollInfo
SetScrollInfo
PostThreadMessageA
MessageBoxA
EnableWindow
LoadIconW
SendMessageA
LoadIconA
UnhookWindowsHookEx
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
GetUpdateRect
GetDCEx
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendNotifyMessageA
MonitorFromRect
CreateMenu
GetSysColor
GetWindowRect
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
KillTimer
SetWindowLongA
MessageBeep
InvalidateRect
SetTimer
GetMessagePos
ScreenToClient
PtInRect
SetCursor
IsWindow
GetParent
GetDC
ReleaseDC
InflateRect
LoadCursorA
CopyIcon
SetWindowPlacement
wsprintfA
PostMessageA
UnregisterClassA
AttachThreadInput
SetForegroundWindow
AllowSetForegroundWindow
LockSetForegroundWindow
SystemParametersInfoA
PostQuitMessage
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetKeyNameTextA
MapVirtualKeyA
CopyRect
GetFocus
CheckMenuItem
EnableMenuItem
MonitorFromPoint
WindowFromDC
GetWindowRgn
DestroyCursor
GetTabbedTextExtentW
MonitorFromWindow
InSendMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
ShowOwnedPopups
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
RegisterWindowMessageA
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsMenu
IsChild
SetWindowPos
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindowPlacement
gdi32
StartPage
EndPage
AbortDoc
SetAbortProc
CreateFontA
StretchDIBits
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
EndDoc
Rectangle
GetRgnBox
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
CreateCompatibleBitmap
GetCharWidthA
GetTextMetricsA
DPtoLP
SetRectRgn
GetMapMode
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
TextOutA
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
DeleteObject
Escape
ExcludeClipRect
GetClipBox
LPtoDP
GetClipRgn
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
GetStockObject
GetObjectA
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
PatBlt
CreateBitmap
CopyMetaFileA
CreateDCA
GetDeviceCaps
SetBkColor
SetTextColor
BitBlt
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
SetWorldTransform
DeleteDC
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
CommDlgExtendedError
winspool.drv
GetJobA
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
CryptGetKeyParam
CryptSetKeyParam
CryptDestroyKey
CryptReleaseContext
RegCreateKeyExA
RegOpenKeyExW
StartServiceA
QueryServiceStatus
OpenServiceA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
ChangeServiceConfig2A
RegUnLoadKeyA
RegLoadKeyA
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
shell32
ShellExecuteA
SHGetFolderPathA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteExA
shlwapi
PathAppendA
SHSetValueA
SHGetValueA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
uxtheme
GetThemePartSize
GetThemeSysColor
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
IsAppThemed
ole32
StgCreateDocfile
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
StgOpenStorage
CoTreatAsClass
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
GetHGlobalFromILockBytes
OleLockRunning
OleSetMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleGetIconOfClass
OleRun
OleFlushClipboard
OleSetClipboard
PropVariantCopy
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
StringFromGUID2
CoDisconnectObject
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
StgOpenStorageOnILockBytes
oleaut32
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
VariantChangeType
SafeArrayGetElemsize
VariantClear
SafeArrayGetLBound
SysAllocStringLen
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
LoadTypeLi
VariantInit
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetUBound
SysFreeString
SafeArrayLock
oledlg
ord8
secur32
SaslSetContextOption
SaslEnumerateProfilesW
FreeCredentialsHandle
ChangeAccountPasswordW
AddSecurityPackageW
EnumerateSecurityPackagesW
wininet
FtpRemoveDirectoryA
InternetConnectW
InternetCreateUrlW
HttpOpenRequestW
HttpQueryInfoA
InternetClearAllPerSiteCookieDecisions
netapi32
NetUserEnum
gdiplus
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateBitmapFromStream
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 602KB - Virtual size: 602KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ