2024-04-22_f83c6b9803bdcd629642ef80281d3070_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-22_f83c6b9803bdcd629642ef80281d3070_icedid
Size

11.0MB
MD5

f83c6b9803bdcd629642ef80281d3070
SHA1

e3363a0009409b9b9a1c7415580a63f6dbeeb1b8
SHA256

6f129f7e38e3ecdcbf1cb83bc549e1f775aec7c4423e81224a737ed0a8150fde
SHA512

197cd8f6c82e1ce534531531109b44dbcdf4d241cac1f55dd693bf0d397ac87e0a05deced06a55fb16b6161959ff6898788f129b3472d2e4320199efbd0f50a8
SSDEEP

196608:A7cMX4jXPXqu8SeaiQgogBogLcqkuOEuq9lLzFchMOY0af5IIvREiBz3PgDrXgL4:A7j4jWLaiQgIuOj2zFxOjaf5vRjBLIX9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-22_f83c6b9803bdcd629642ef80281d3070_icedid

Files

2024-04-22_f83c6b9803bdcd629642ef80281d3070_icedid
.exe windows:5 windows x86 arch:x86

0e8999a255a292e61c0e57e4bab246c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

MCIWndCreateW

wsock32

WSACleanup
gethostbyname
WSAStartup
gethostname

imm32

ImmGetOpenStatus
ImmNotifyIME
ImmGetContext
ImmGetCompositionStringW
ImmGetCompositionStringA
ImmIsUIMessageA
ImmReleaseContext

kernel32

GetTimeZoneInformation
HeapCreate
GetConsoleCP
GetConsoleMode
EnumSystemLocalesA
IsValidLocale
GetFileInformationByHandle
PeekNamedPipe
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
CreateThread
ExitThread
ExitProcess
MoveFileA
FindFirstFileExW
GetDriveTypeW
HeapReAlloc
HeapAlloc
DecodePointer
EncodePointer
GetDateFormatW
GetTimeFormatW
GetSystemTimeAsFileTime
RaiseException
HeapFree
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
GetNumberFormatW
lstrcpyW
GetSystemDirectoryW
GetFileSizeEx
LocalFileTimeToFileTime
SetFileAttributesW
GetFileAttributesExW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
LocalAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
GetDiskFreeSpaceW
GetFileTime
SetFileTime
ReplaceFileW
SystemTimeToFileTime
GetFileAttributesW
GetUserDefaultLCID
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
GetCurrentThreadId
IsProcessorFeaturePresent
GlobalFindAtomW
CompareStringW
lstrcmpW
FileTimeToLocalFileTime
ReleaseActCtx
CreateActCtxW
GetModuleHandleA
GetSystemDirectoryA
DosDateTimeToFileTime
FileTimeToSystemTime
IsDBCSLeadByteEx
GetUserDefaultLangID
SetErrorMode
GetModuleFileNameA
GetStringTypeW
IsDBCSLeadByte
GetACP
GetDateFormatA
GetTimeFormatA
GetLocalTime
lstrcatA
GetLocaleInfoA
CreateFileA
lstrcmpA
GetCPInfo
lstrcmpiA
FormatMessageA
lstrcpyA
IsBadHugeReadPtr
IsBadHugeWritePtr
GlobalFlags
ActivateActCtx
DeactivateActCtx
SetLastError
GetModuleHandleW
GetCurrentDirectoryW
GetCurrentProcessId
GetSystemDefaultUILanguage
DeleteFileW
GetVersion
lstrlenW
GetVersionExW
GetProfileIntW
SearchPathW
FreeLibrary
LoadLibraryA
GetShortPathNameW
CreateMutexW
Sleep
WaitForSingleObject
ReleaseMutex
GetTempFileNameW
WideCharToMultiByte
FreeResource
GlobalSize
GlobalReAlloc
GetFileSize
MulDiv
GetProcAddress
GlobalAlloc
GetFullPathNameW
GlobalDeleteAtom
GlobalLock
GlobalGetAtomNameW
GlobalUnlock
GlobalFree
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
SetCurrentDirectoryW
CreateFileW
SetFilePointer
ReadFile
VirtualAlloc
VirtualFree
WriteFile
CreateProcessW
FormatMessageW
LocalFree
GetExitCodeProcess
FindFirstFileW
FindNextFileW
FindClose
CloseHandle
GetModuleFileNameW
GetWindowsDirectoryW
GetTempPathW
CopyFileW
GetTickCount
CreateDirectoryW
lstrlenA
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
IsValidCodePage
GetOEMCP
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
GlobalAddAtomW
GetFileAttributesA
LCMapStringW
DeleteFileA

user32

SetDlgItemTextW
CheckDlgButton
CharUpperW
ShowOwnedPopups
GetMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
SendDlgItemMessageW
WinHelpW
SetWindowsHookExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
MonitorFromWindow
GetMonitorInfoW
ScrollWindow
GetScrollRange
GetScrollPos
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetSubMenu
MoveWindow
SetDlgItemInt
SendDlgItemMessageA
EndDialog
TrackPopupMenu
SetScrollInfo
CallWindowProcA
LoadAcceleratorsA
SetScrollPos
RegisterClipboardFormatA
ShowScrollBar
SetScrollRange
DialogBoxParamA
CreateCaret
DestroyCaret
wvsprintfA
FindWindowA
IsCharUpperW
CharLowerW
SetDlgItemTextA
GetDlgItemTextA
GetDlgItemInt
BeginPaint
EndPaint
ShowCaret
HideCaret
EmptyClipboard
GetWindowLongA
GetWindowTextLengthA
SetCaretPos
CharUpperBuffA
CharLowerBuffA
ValidateRect
GetKeyboardLayout
wsprintfA
GetDlgItem
GetWindowTextA
AppendMenuA
GetClassInfoA
LoadIconA
LoadCursorA
RegisterClassA
WinHelpA
GetMenu
SetWindowLongA
SetMenu
DestroyWindow
SetWindowsHookExA
UnhookWindowsHookEx
SetWindowTextA
EnableMenuItem
CheckMenuItem
DestroyAcceleratorTable
UnregisterClassA
TranslateAcceleratorA
PeekMessageA
GetKeyboardState
CallNextHookEx
GetClassNameA
SendMessageA
PostMessageA
CreateWindowExA
MessageBoxA
LoadStringA
GetActiveWindow
MessageBoxW
DrawIconEx
DestroyIcon
ShowWindow
RegisterClipboardFormatW
IsClipboardFormatAvailable
OpenClipboard
CloseClipboard
GetCursor
GetAsyncKeyState
IsChild
LoadBitmapW
GetWindowDC
DrawFrameControl
FrameRect
GetClassNameW
GetFocus
ClientToScreen
WindowFromPoint
GetDesktopWindow
SetRect
GetSysColor
SetWindowLongW
CallWindowProcW
GetCapture
RedrawWindow
GetTopWindow
GetWindow
IsIconic
InvalidateRgn
UnionRect
InflateRect
RegisterWindowMessageW
IntersectRect
OffsetRect
DrawTextW
CopyRect
TranslateMessage
DispatchMessageW
RemoveMenu
SystemParametersInfoW
CreatePopupMenu
GetMenuItemCount
GetSystemMenu
AppendMenuW
DestroyMenu
SetFocus
SetActiveWindow
LoadImageW
EnumChildWindows
GetWindowLongW
AdjustWindowRect
SetWindowPos
GetMessagePos
GetMessageTime
FillRect
SetClipboardData
GetClipboardData
EqualRect
SetRectEmpty
UnpackDDElParam
GetCursorPos
SetCursor
PtInRect
SetCapture
ScreenToClient
ReleaseCapture
EnableWindow
FindWindowW
KillTimer
ToUnicodeEx
DrawEdge
DrawStateW
SetClassLongW
IsZoomed
SetTimer
IsWindowVisible
InvalidateRect
ReleaseDC
GetDC
MapWindowPoints
GetClientRect
GetWindowRect
PostMessageW
GetSystemMetrics
MessageBeep
WaitForInputIdle
PeekMessageW
PostQuitMessage
wsprintfW
SetParent
GetParent
GetWindowRgn
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
GetUpdateRect
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
WaitMessage
PostThreadMessageW
IsMenu
UpdateWindow
VkKeyScanW
LoadCursorW
DestroyCursor
IsWindow
LoadIconW
SendMessageW
GetKeyState
CopyImage
GetIconInfo
MonitorFromPoint
UpdateLayeredWindow
MapVirtualKeyExW
IsCharLowerW
LockWindowUpdate
DefWindowProcA
CreateAcceleratorTableW
NotifyWinEvent
EnableScrollBar
DrawFocusRect
InvertRect
GetMenuDefaultItem
GetNextDlgGroupItem
CopyAcceleratorTableW
CharNextW
SetLayeredWindowAttributes
EnumDisplayMonitors
DeleteMenu
RealChildWindowFromPoint
GetSysColorBrush
SetCursorPos
GetMenuItemInfoW
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
GetWindowThreadProcessId
GrayStringW
DrawTextExW
TabbedTextOutW
SetWindowRgn
DrawIcon
IsRectEmpty
SetWindowContextHelpId
MapDialogRect
SetWindowTextW
GetDlgCtrlID
IsDialogMessageW
UnregisterClassW

gdi32

CreateSolidBrush
CreateFontIndirectW
TextOutW
GetTextExtentPoint32W
GetTextMetricsW
StartDocW
StartPage
EndPage
EndDoc
CreatePen
Rectangle
LineTo
MoveToEx
SetROP2
CreateRoundRectRgn
CombineRgn
Polygon
IntersectClipRect
CreatePatternBrush
SetBkMode
SetTextColor
SetBitmapBits
SetViewportOrgEx
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsA
TranslateCharsetInfo
EnumFontsA
GetTextExtentPointW
GetTextExtentPointA
GetCharWidthA
GetCharWidthW
DeleteMetaFile
CreateRectRgn
GetTextColor
GetBkMode
PlayEnhMetaFileRecord
StretchDIBits
PlayMetaFileRecord
SetWindowOrgEx
EnumMetaFile
SetViewportExtEx
SetWindowExtEx
SetMapMode
EnumEnhMetaFile
RestoreDC
SaveDC
GetObjectA
SetDIBits
GetEnhMetaFileBits
SetMetaFileBitsEx
GetMetaFileBitsEx
PtInRegion
CreatePolygonRgn
SetWorldTransform
SetGraphicsMode
ModifyWorldTransform
Ellipse
ExtTextOutA
SetPixel
SetTextCharacterExtra
ExtTextOutW
TextOutA
SetTextAlign
CloseEnhMetaFile
CreateEnhMetaFileA
StretchBlt
CreateDIBSection
Polyline
CreateBitmapIndirect
CopyMetaFileW
CreateDCW
CreateEllipticRgn
DPtoLP
LPtoDP
SetPolyFillMode
GetClipBox
ExcludeClipRect
GetLayout
SetLayout
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
Escape
OffsetViewportOrgEx
ScaleViewportExtEx
OffsetWindowOrgEx
ScaleWindowExtEx
GetObjectType
CreateHatchBrush
SetRectRgn
GetMapMode
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetRgnBox
GetNearestPaletteIndex
SetDIBColorTable
OffsetRgn
EnumFontFamiliesExW
GetWindowOrgEx
GetViewportOrgEx
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
GetPixel
CreateRectRgnIndirect
ExtSelectClipRgn
PlayEnhMetaFile
GetStockObject
CreateCompatibleBitmap
GetCharacterPlacementW
SetStretchBltMode
PatBlt
GetNearestColor
GetDIBits
GetEnhMetaFileW
CopyEnhMetaFileW
DeleteEnhMetaFile
SetWinMetaFileBits
SetEnhMetaFileBits
GetEnhMetaFileHeader
GetSystemPaletteEntries
GetPaletteEntries
CreateBitmap
CreateCompatibleDC
SetBkColor
BitBlt
DeleteDC
CreatePalette
SelectPalette
RealizePalette
CreateDIBitmap
SelectObject
GetObjectW
SelectClipRgn
GetCharacterPlacementA
DeleteObject
GetDeviceCaps

msimg32

TransparentBlt
AlphaBlend

comdlg32

ChooseColorA
ChooseFontA
GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

SetFileSecurityW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumKeyExW
RegEnumValueW
GetFileSecurityW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
FindExecutableW
DragAcceptFiles
ShellExecuteA
SHGetFileInfoW
DragFinish
SHAppBarMessage
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetDesktopFolder
ExtractIconW
DragQueryFileW

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoTaskMemFree
OleDraw
CoInitialize
CoCreateInstance
CoUninitialize
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
ReleaseStgMedium
IsAccelerator

oleaut32

VariantChangeType
VariantInit
SysAllocString
VariantCopy
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringLen
SysFreeString

oledlg

OleUIBusyW

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

wininet

InternetGetConnectedState
InternetErrorDlg
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable

winmm

PlaySoundW

Exports

Exports

_CloseTer@8
_ConvertBitmapBits@24
_ConvertBitmapImage@16
_CreateAnimationMaskImage@28
_CreateGIFButtonFromBitmaps@28
_CreateGIFFromBitmap@20
_CreateJPEGFromBitmap@16
_CreateRotatedImage@16
_CreateTerWindow@4
_DeselectTerText@8
_GetFontInfo2@20
_GetTerBuffer@12
_GetTerCursorPos@12
_GetTerDefaultFont@24
_GetTerFields@8
_ImageConvertWebImage@16
_ImageCountGIFFrames@8
_ImageLoadCleanup@8
_ImageLoadFile@24
_ImageLoadFileTransIndex@28
_ImageLoadGIFAnimation@28
_ImageLoadResource@24
_ImageLoadResourceTransIndex@28
_ImageSplitWebImage@16
_ImageWriteAnimGifFile@20
_ImageWriteGifFile@20
_ImageWriteJpegFile@20
_ImageWritePngFile@20
_InsertRtfBuf@24
_LoadTerControl@4
_ParaLeftIndent@12
_ParaRightIndent@12
_ReplaceTerFont@48
_SearchDisplay2@40
_SelectTerText@24
_SerialImageCleanup@8
_SerialImageFileFirst@24
_SerialImageNext@16
_SerialImagePercentComplete@8
_SerialImageResourceFirst@24
_SetImagePalette@8
_SetTerBkColor@12
_SetTerBuffer@20
_SetTerBulletToHTMLInfo@12
_SetTerCharStyle@16
_SetTerColor@12
_SetTerCursorPos@16
_SetTerDefaultFont@28
_SetTerFont@12
_SetTerParaFmt@16
_SetTerPointSize@12
_TerAppendText@20
_TerAppendTextU@28
_TerCellColor@16
_TerChangeListStart@8
_TerCopyAllToClipboard@4
_TerCreateTable@16
_TerDeleteBlock@8
_TerDeleteCells@12
_TerDeleteHypertext@16
_TerEnableFormatMarks@8
_TerFlushUndo@4
_TerGetAccelHandle@4
_TerGetBulletInfo@32
_TerGetCaretPos@4
_TerGetCurrFontHeight@4
_TerGetEffectiveFont@4
_TerGetFontInfo@20
_TerGetHypertext2@24
_TerGetHypertextFullLink@24
_TerGetLine@16
_TerGetLineInfo@40
_TerGetListNumberingStyle@8
_TerGetOptimalWindowRect2@8
_TerGetOptimalWindowRect@20
_TerGetParaInfo@56
_TerGetRtfSel@8
_TerGetSelection@20
_TerGetTableProperties@8
_TerGetTextColor@16
_TerGetTextSel@8
_TerGetTextSelU@8
_TerGetTextU@8
_TerGetWindowPos@16
_TerIgnoreCommand@4
_TerInitSSCE@28
_TerInsertField@16
_TerInsertFieldU@16
_TerInsertLine@28
_TerInsertObjFrame@20
_TerInsertPictureFile@20
_TerInsertTableCol@16
_TerInsertTableRow@12
_TerInsertText@20
_TerInsertTextU@20
_TerInsertWindow@32
_TerInvalidatetObjFrames@4
_TerIsModified@4
_TerMenuEnable@8
_TerMenuSelect@8
_TerMoveParaFrame@24
_TerPlaceObjFrame@24
_TerQuickRepaint@4
_TerRegisterMsgCallback@8
_TerRemoveUnusedObjFrames@4
_TerRemoveWindow@8
_TerRenderToBackground@12
_TerReplaceSel@8
_TerReplaceSelU@8
_TerSelectMisspelledWord@16
_TerSetAccelHandle@8
_TerSetBorderColor@8
_TerSetBorderSize@12
_TerSetBullet@12
_TerSetBulletEx@28
_TerSetCurrentPos@12
_TerSetFlags2@12
_TerSetFlags3@12
_TerSetFlags4@12
_TerSetFlags5@12
_TerSetFlags6@12
_TerSetFlags7@12
_TerSetFlags@12
_TerSetModify@8
_TerSetOutputFormat@8
_TerSetParaListEx@12
_TerSetPassThru@8
_TerSetReadOnly@8
_TerSetScroll@8
_TerSetSelection@24
_TerSetSpellAsYouType@8
_TerSetTableProperties@8
_TerSetTableTemplate@8
_TerSetWindowSize@20
_TerSetZoom@8
_TerTranslateRTF@8
_TerUpdateBackground@20
_TerUpdateColorTable@16
_TerUpdateFromPrevVersion@20
_UpdateTerLinkColor@16
_ValidImageFile@4

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 458KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e8999a255a292e61c0e57e4bab246c9

Headers

DLL Characteristics

File Characteristics

Imports

msvfw32

wsock32

imm32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

oleacc

wininet

winmm

Exports

Exports

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 458KB - Virtual size: 457KB

.data Size: 61KB - Virtual size: 136KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 458KB - Virtual size: 457KB

.data
Size: 61KB - Virtual size: 136KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB