Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-22_86fb55c1f4cdaa429db8027088d01cfb_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-22_86fb55c1f4cdaa429db8027088d01cfb_icedid.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-04-22_86fb55c1f4cdaa429db8027088d01cfb_icedid
Size: 1.7MB
MD5: 86fb55c1f4cdaa429db8027088d01cfb
SHA1: 7637c9144a3ef7bba8215fcc61b10176833b85e7
SHA256: 3d4a51299a395fe394bf9ce1ea9cb8d6f828533872931d12f239ead8e6618893
SHA512: 0d58b85f01c959f8cc04507fe4e23dad6710458806a63114d99d7e81aecfd4df9e016db88b5cf4395f9d3601ac5e67a22772fe1947e329aeced4390c985d1ee3
SSDEEP: 24576:mWIVvIj/9UL2GUIJEOWWJb3kO246Ba+W1WClmO9FttxnTi6:WVvIfu3Ugya+Wdvtxn
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-04-22_86fb55c1f4cdaa429db8027088d01cfb_icedid
Files
2024-04-22_86fb55c1f4cdaa429db8027088d01cfb_icedid.exe  windows:6 windows x86 arch:x86
68a591975eb943b989697907c95e2971
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
PlaySoundW
mixerClose
mixerSetControlDetails
mixerGetControlDetailsW
mixerGetLineControlsW
mixerGetLineInfoW
mixerGetID
mixerOpen
mixerGetNumDevs
waveOutClose
waveOutOpen
mciGetErrorStringW
mciSendStringW
timeBeginPeriod
timeGetTime
timeEndPeriod
kernel32
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetThreadLocale
VirtualProtect
CreateEventW
SuspendThread
ResumeThread
lstrcmpA
GetCurrentThread
GetTickCount64
SystemTimeToFileTime
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileAttributesW
SetFileTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LocalReAlloc
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FindResourceExW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetFileSize
FlushFileBuffers
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
IsValidCodePage
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
SetLastError
OutputDebugStringA
GetACP
MulDiv
LocalUnlock
LocalLock
GetCurrentThreadId
GetModuleFileNameA
lstrlenW
FormatMessageW
GetPriorityClass
SetPriorityClass
CreateProcessW
GetThreadPriority
SetThreadPriority
GetCurrentProcess
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
lstrcpyW
GetModuleHandleW
OutputDebugStringW
RaiseException
FreeResource
RtlUnwind
SetStdHandle
GetFileType
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
GetStdHandle
ExitProcess
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
WideCharToMultiByte
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
GetVersionExW
CreateMutexW
GetTempPathW
QueryPerformanceFrequency
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GlobalHandle
GlobalSize
CloseHandle
WriteFile
CreateFileW
_llseek
FindFirstFileExW
LockFile
_lclose
_lread
OpenFile
LocalFree
LocalAlloc
GlobalReAlloc
GetProcAddress
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
DeleteFileW
GetTimeFormatW
GetDateFormatW
GetWindowsDirectoryW
GetLocalTime
GetVersion
WaitForSingleObject
ResetEvent
SetEvent
QueryPerformanceCounter
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetErrorMode
GetVolumeInformationW
GetFullPathNameW
GetFileAttributesExW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
CreateDirectoryW
SetCurrentDirectoryW
FindResourceW
SizeofResource
LockResource
LoadResource
MultiByteToWideChar
LoadLibraryW
FreeLibrary
GetTickCount
Sleep
EnterCriticalSection
GetLastError
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
LoadLibraryExA
user32
SetWindowContextHelpId
RegisterClipboardFormatW
CharNextW
GetMessageW
MapDialogRect
CharUpperW
GetCursorPos
GetDesktopWindow
EndDialog
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
SetDlgItemTextW
GetMonitorInfoW
MonitorFromWindow
GetTopWindow
GetClassLongW
PtInRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
SetActiveWindow
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
CheckMenuItem
GetScrollPos
ScreenToClient
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
GetMenuItemCount
GetMenuItemID
GetNextDlgGroupItem
SendDlgItemMessageA
WinHelpW
IsDialogMessageW
GetClassNameW
SetRect
MessageBoxW
SetWindowTextW
EnableMenuItem
GetSystemMenu
GetDialogBaseUnits
CheckDlgButton
GetDlgItem
CreateDialogIndirectParamW
MoveWindow
PostQuitMessage
WaitMessage
DispatchMessageW
TranslateMessage
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
RegisterClassW
LoadStringW
DestroyWindow
CreateWindowExW
RegisterClassExW
GetWindow
GetWindowTextW
WaitForInputIdle
DrawTextW
UnregisterClassW
CopyIcon
MessageBeep
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowLongW
SetLayeredWindowAttributes
ScrollDC
GetSysColorBrush
RealChildWindowFromPoint
SetCapture
ReleaseCapture
CopyAcceleratorTableW
InvalidateRgn
IsRectEmpty
DrawIcon
GetWindowThreadProcessId
EnumWindows
SetMenuItemBitmaps
SendMessageTimeoutW
wsprintfW
ChangeDisplaySettingsExW
UnionRect
GetSystemMetrics
GetWindowPlacement
RedrawWindow
LoadIconW
GetLastActivePopup
FindWindowW
IsIconic
DefWindowProcW
PeekMessageW
GetGestureInfo
EqualRect
ShowCursor
AdjustWindowRect
SetForegroundWindow
GetForegroundWindow
KillTimer
mouse_event
GetAsyncKeyState
GetFocus
BringWindowToTop
IsWindow
UnregisterPowerSettingNotification
UnregisterHotKey
RegisterHotKey
EnumDisplaySettingsW
SetRectEmpty
SetWindowPos
GetIconInfo
CreateIconIndirect
LoadImageW
PostThreadMessageW
DestroyIcon
DestroyCursor
GetParent
GetWindowLongW
OffsetRect
CopyRect
FrameRect
FillRect
DrawFocusRect
GetSysColor
WindowFromPoint
ClientToScreen
SetCursor
DrawStateW
TrackPopupMenuEx
GetSubMenu
DestroyMenu
GetActiveWindow
GetNextDlgTabItem
InflateRect
SystemParametersInfoW
GetClientRect
ValidateRect
InvalidateRect
UpdateWindow
SetTimer
EndPaint
BeginPaint
SetFocus
ShowWindow
LoadCursorW
EnableWindow
PostMessageW
SendMessageW
IntersectRect
GetWindowRect
ReleaseDC
GetDC
GetWindowTextLengthW
gdi32
SetMapMode
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
EnumFontFamiliesExW
GetRgnBox
StretchDIBits
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
GetWindowExtEx
BitBlt
CreateDIBSection
SetDIBitsToDevice
GetSystemPaletteEntries
GetDIBits
GetPaletteEntries
SetDIBits
Escape
CreatePen
GetTextExtentPoint32W
SetBkMode
CreatePolygonRgn
CreateRectRgn
CreateEllipticRgn
CombineRgn
GetDCOrgEx
GetClipBox
CreateSolidBrush
CreateFontIndirectW
GetICMProfileW
CreateDCW
SelectPalette
GetDeviceCaps
CreatePalette
CreateDIBitmap
Polygon
SetTextColor
SetPixel
GetStockObject
GetPixel
CreateCompatibleBitmap
CreateBitmap
RealizePalette
ExtTextOutW
SetBkColor
GetObjectW
SetStretchBltMode
StretchBlt
SelectObject
PatBlt
DeleteObject
DeleteDC
CreateCompatibleDC
GetViewportExtEx
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueW
RegCreateKeyW
RegOpenKeyW
RegSetValueExW
shell32
SHGetDesktopFolder
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW
SHGetPropertyStoreFromParsingName
SHGetMalloc
comctl32
ord380
_TrackMouseEvent
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
ole32
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
PropVariantClear
CoCreateInstance
StringFromGUID2
CoCreateGuid
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoInitialize
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
oleaut32
VariantCopy
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
VariantInit
VariantClear
VariantChangeType
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
SysAllocStringLen
VarDateFromStr
OleCreateFontIndirect
SysAllocString
SysStringLen
SafeArrayDestroy
oledlg
OleUIBusyW
d3d9
Direct3DCreate9Ex
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
oleacc
CreateStdAccessibleObject
LresultFromObject
propsys
PropVariantGetUInt64Elem
Sections
.text   Size: 925KB, Virtual size: 924KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 485KB, Virtual size: 485KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 71KB, Virtual size: 110KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 250KB, Virtual size: 249KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ