Static task: static1

Behavioral task: behavioral1
  Sample: 2024-04-24_2bfef6ae419477e4a0cc3e14bab7a05b_icedid.exe
  Resource: win7-20240221-en

Behavioral task: behavioral2
  Sample: 2024-04-24_2bfef6ae419477e4a0cc3e14bab7a05b_icedid.exe
  Resource: win10v2004-20240412-en
General
Target: 2024-04-24_2bfef6ae419477e4a0cc3e14bab7a05b_icedid
Size: 8.4MB
MD5: 2bfef6ae419477e4a0cc3e14bab7a05b
SHA1: e70f2231d05421a97626b2be63622b9b765105df
SHA256: 14f8de65c61342c40eda5c747f4398e698cf875c855cb04f441021908dda8186
SHA512: ad09f982df22e23264c92876859ed2a2f05999317c764f2a5bd078e2cd78e4fb03bfcc5ca1ad25f6c3c35f59eeb85d35e7f54376659a94f55072b39d0122cfef
SSDEEP: 196608:tRtXZY71psk0gqOGKlf/v/vfvUDdklYxUZpsWAui4s84LT9LG5kqj9ByF3W1gBT/:YvskS4f/v/vfvUDdklYxU/sWGv8TP5QX
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2024-04-24_2bfef6ae419477e4a0cc3e14bab7a05b_icedid
Note: this is the only signature the report shows, and no malware configuration was extracted. The IcedID family label lives only in the submitted filename; nothing in this report confirms it. A missing Authenticode signature is a weak indicator on its own, since much legitimate software ships unsigned, and the check tests for the presence of a signature, not its validity.
Files
2024-04-24_2bfef6ae419477e4a0cc3e14bab7a05b_icedid.exe  windows:5  windows  x86  arch:x86
d052377bcd8401afa9e93d452782d181  (unlabelled in the report; its length and position are consistent with an import hash, which can be recomputed from the Imports list below to confirm)
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Note: TERMINAL_SERVER_AWARE is the only DLL characteristic set. With no IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and the relocation table stripped, the image cannot be rebased, so it always loads at its preferred ImageBase without ASLR; with no IMAGE_DLLCHARACTERISTICS_NX_COMPAT it does not opt in to DEP either. Both are typical of older 32-bit build settings and are useful pivots when hunting for related builds.
Imports
ws2_32
WSACleanup
kernel32
InterlockedIncrement
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
ResumeThread
WaitForSingleObject
SuspendThread
FindResourceExW
GetProfileIntW
SearchPathW
GetTempFileNameW
GetTimeFormatW
GetDateFormatW
GetSystemDefaultLCID
lstrcpyW
CompareStringA
InterlockedExchange
lstrcmpW
CreateEventW
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetTimeZoneInformation
GetTempPathW
FormatMessageW
LocalAlloc
LocalFree
GetTickCount
GetFileSize
SetFilePointer
ReadFile
FileTimeToSystemTime
GetModuleHandleW
CreateFileW
WriteFile
GetCurrentProcess
SetProcessWorkingSetSize
GetModuleFileNameW
Sleep
CreateDirectoryW
CopyFileW
MultiByteToWideChar
CloseHandle
CreateMutexW
GetLastError
lstrlenW
SetLastError
LoadLibraryW
GetProcAddress
SetEvent
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
FreeLibrary
GlobalAddAtomW
GetCurrentProcessId
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
FreeResource
InterlockedDecrement
GetVersionExA
LoadLibraryA
CompareStringW
GetVersionExW
GlobalFindAtomW
GetModuleHandleA
MoveFileW
DeleteFileW
GetStringTypeExW
GetThreadLocale
lstrcmpiW
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
lstrlenA
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetLocaleInfoW
GlobalGetAtomNameW
GetCurrentDirectoryW
GlobalFlags
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
SetErrorMode
GetStartupInfoW
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
RaiseException
HeapReAlloc
ExitProcess
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
user32
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
GetKeyNameTextW
MapVirtualKeyW
EndDialog
GetNextDlgTabItem
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
TrackPopupMenuEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
CreateDialogIndirectParamW
GetMenu
OffsetRect
IntersectRect
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
EndDeferWindowPos
GetTopWindow
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
SystemParametersInfoA
GetWindowPlacement
GetClassNameW
GetClassLongW
GetCapture
LoadMenuW
IsChild
WinHelpW
SendDlgItemMessageA
RegisterWindowMessageW
GetDC
ScreenToClient
ReleaseDC
GetWindowRect
GetSysColor
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
CopyRect
UnhookWindowsHookEx
GetWindowTextLengthW
GetWindowTextW
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GrayStringW
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
CharUpperW
GetSysColorBrush
LoadCursorW
DeleteMenu
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharNextW
IsRectEmpty
SetRect
CopyAcceleratorTableW
InvalidateRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassW
SetRectEmpty
GetDialogBaseUnits
TranslateAcceleratorW
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatW
SetParent
UnionRect
PostThreadMessageW
LockWindowUpdate
GetSubMenu
AppendMenuW
PtInRect
GetDlgItem
CheckDlgButton
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
GetDesktopWindow
GetCursorPos
GetSystemMetrics
RedrawWindow
IsZoomed
DrawStateW
DrawIconEx
DrawFrameControl
DrawEdge
DrawFocusRect
SetWindowRgn
GetAsyncKeyState
EnableScrollBar
IsMenu
LoadImageW
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
SetMenuDefaultItem
IsClipboardFormatAvailable
DestroyAcceleratorTable
CopyIcon
SetCursorPos
FrameRect
SetClassLongW
CharUpperBuffW
CreateAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
EnumChildWindows
GetMenuDefaultItem
GetIconInfo
GetDoubleClickTime
GetCaretPos
GetUpdateRect
SubtractRect
IsCharLowerW
MapVirtualKeyExW
DestroyCursor
GetClipboardData
SendNotifyMessageW
HideCaret
GetWindowRgn
SetCaretPos
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
CountClipboardFormats
EnableWindow
LoadIconW
SetForegroundWindow
KillTimer
SetTimer
IsWindowVisible
GetClientRect
IsIconic
GetSystemMenu
SendMessageW
DrawIcon
gdi32
GetNearestPaletteIndex
ExtFloodFill
SetPaletteEntries
CreatePalette
GetPaletteEntries
FillRgn
FrameRgn
SetDIBColorTable
LPtoDP
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesW
RealizePalette
GetDIBits
StretchBlt
OffsetRgn
CreateRoundRectRgn
CreateDIBSection
CreateEllipticRgn
Rectangle
Ellipse
RoundRect
Polygon
CreatePolygonRgn
Polyline
SetPixel
GetSystemPaletteEntries
PtInRegion
GetBoundsRect
SetPixelV
EnumFontFamiliesExW
GetViewportOrgEx
GetTextFaceW
GetWindowOrgEx
GetTextMetricsW
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateCompatibleBitmap
GetRgnBox
GetTextColor
GetBkColor
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
GetObjectW
CreateBitmap
CreateDCW
CopyMetaFileW
GetDeviceCaps
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegDeleteValueW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegSetValueW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
shell32
SHAppBarMessage
SHGetPathFromIDListW
SHBrowseForFolderW
DragAcceptFiles
DragQueryFileW
DragFinish
SHGetFileInfoW
ShellExecuteW
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
oledlg
OleUIPasteSpecialW
OleUIBusyW
OleUIInsertObjectW
OleUIObjectPropertiesW
ole32
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
CoInitializeEx
CoFreeUnusedLibraries
OleInitialize
CoCreateInstance
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoInitialize
CoUninitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoCreateGuid
StringFromGUID2
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
OleUninitialize
OleDraw
OleLockRunning
OleSetMenuDescriptor
CreateFileMoniker
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleSave
WriteClassStm
OleSaveToStream
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
WriteClassStg
oleaut32
VarBstrFromDate
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadTypeLi
VariantChangeType
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
VariantClear
VariantInit
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
VarUdateFromDate
gdiplus
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDeleteGraphics
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipBitmapLockBits
GdipAlloc
GdipFree
GdipDisposeImage
GdiplusStartup
GdiplusShutdown
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
winmm
PlaySoundW
comctl32
ImageList_GetIconSize
Sections
.text   Size: 3.3MB  Virtual size: 3.3MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 527KB  Virtual size: 526KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 34KB   Virtual size: 58KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 4.5MB  Virtual size: 4.5MB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Note: the section sizes sum to roughly the 8.4MB file size, which leaves little room for a large appended overlay (a small one cannot be excluded from rounded figures), and no section is both writable and executable. The resource section is more than half the file, and the image imports FindResourceW/LoadResource/LockResource/SizeofResource, so .rsrc is the first place to look for an embedded payload if the static verdict needs confirming. The .data virtual size exceeding its raw size (58KB vs 34KB) is zero-filled uninitialized data, not an anomaly.
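To reproduce the Headers, Sections, Imports and Unsigned-PE facts above from the raw file rather than trusting the sandbox, here is an added stdlib-only Python triage script (my example, not part of the report or of any sandbox's code). It parses the DOS/NT headers, section table and import directory, derives a pefile-compatible imphash (so the unlabelled 32-hex value under the file entry can be checked), and reports whether a WIN_CERTIFICATE (Authenticode) blob is present at all. The build_sample_pe() input is a constructed two-section PE32 with the same file and DLL characteristics as the sample, so the script runs offline; pass a path to analyze a real file. The function names and the flag tables are my own.

```python
import hashlib, json, struct, sys

# Flag tables (subset of winnt.h) for the fields the report prints.
FILE_FLAGS = {0x0001: "RELOCS_STRIPPED", 0x0002: "EXECUTABLE_IMAGE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
DLL_FLAGS = {0x0040: "DYNAMIC_BASE", 0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x8000: "TERMINAL_SERVER_AWARE"}
SCN_FLAGS = {0x20: "CNT_CODE", 0x40: "CNT_INITIALIZED_DATA", 0x20000000: "MEM_EXECUTE",
             0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}

def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]

def cstr(data, off):
    return data[off:data.index(b"\0", off)].decode("ascii", "replace")

def rva_to_off(sections, rva):
    """Map an RVA to a file offset via the section table; fail closed on RVAs no section backs."""
    for s in sections:
        if s["va"] <= rva < s["va"] + max(s["vsize"], s["rawsize"]):
            return rva - s["va"] + s["rawptr"]
    raise ValueError(f"RVA {rva:#x} is not backed by any section")

def parse_imports(data, sections, import_rva, is64):
    imports = {}
    if not import_rva:
        return imports
    fmt, step, ord_bit = ("<Q", 8, 1 << 63) if is64 else ("<I", 4, 1 << 31)
    off = rva_to_off(sections, import_rva)
    while True:  # IMAGE_IMPORT_DESCRIPTOR array, terminated by an all-zero entry
        oft, _, _, name_rva, ft = struct.unpack_from("<IIIII", data, off)
        if not (oft or name_rva or ft):
            break
        names, thunk = [], rva_to_off(sections, oft or ft)  # prefer the ILT, fall back to the IAT
        while (val := struct.unpack_from(fmt, data, thunk)[0]) != 0:
            names.append(f"#{val & 0xFFFF}" if val & ord_bit else cstr(data, rva_to_off(sections, val) + 2))
            thunk += step
        imports[cstr(data, rva_to_off(sections, name_rva))] = names
        off += 20
    return imports

def imphash(imports):
    """pefile-style import hash: md5 over 'dll.func' (ordinals as 'ordN') in import-table order."""
    parts = []
    for dll, funcs in imports.items():
        base = dll.lower()
        base = base[:-4] if base.endswith((".dll", ".ocx", ".sys")) else base
        parts += [f"{base}.{'ord' + f[1:] if f.startswith('#') else f.lower()}" for f in funcs]
    return hashlib.md5(",".join(parts).encode()).hexdigest()

def analyze(data):
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    machine, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24  # optional header follows the 20-byte COFF header
    is64 = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]
    dirs = opt + (112 if is64 else 96)  # data directories start later in PE32+
    sections = []
    for i in range(nsec):
        h = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": h[0].rstrip(b"\0").decode("ascii", "replace"), "vsize": h[1], "va": h[2],
                         "rawsize": h[3], "rawptr": h[4], "flags": flag_names(h[9], SCN_FLAGS)})
    import_rva = struct.unpack_from("<I", data, dirs + 8)[0]   # directory 1: import table
    cert_size = struct.unpack_from("<I", data, dirs + 36)[0]  # directory 4: WIN_CERTIFICATE size
    imports = parse_imports(data, sections, import_rva, is64)
    return {"sha256": hashlib.sha256(data).hexdigest(),
            "arch": {0x14C: "x86", 0x8664: "x64"}.get(machine, f"{machine:#x}"),
            "file_characteristics": flag_names(fchars, FILE_FLAGS),
            "dll_characteristics": flag_names(dllchars, DLL_FLAGS),
            "sections": sections, "imports": imports, "imphash": imphash(imports),
            "has_authenticode_blob": cert_size != 0}  # presence only; validity needs a real verifier

def build_sample_pe():
    """Constructed two-section PE32 so the script runs offline; NOT the sample from the report."""
    rdata = bytearray(0x200)  # becomes .rdata at RVA 0x2000 / file offset 0x400; holds the import table
    def put(off, blob):
        rdata[off:off + len(blob)] = blob
    put(0x00, struct.pack("<IIIII", 0x203C, 0, 0, 0x2060, 0x2044))  # KERNEL32.dll: ILT, Name, IAT
    put(0x14, struct.pack("<IIIII", 0x204C, 0, 0, 0x2070, 0x2054))  # ws2_32.dll; zero terminator follows
    put(0x3C, struct.pack("<II", 0x2080, 0)); put(0x44, struct.pack("<II", 0x2080, 0))  # thunks by name
    put(0x4C, struct.pack("<II", 0x80000074, 0)); put(0x54, struct.pack("<II", 0x80000074, 0))  # ordinal 116
    put(0x60, b"KERNEL32.dll\0"); put(0x70, b"ws2_32.dll\0"); put(0x80, b"\0\0ExitProcess\0")
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0103)  # RELOCS_STRIPPED|EXE|32BIT
    opt = struct.pack("<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII", 0x10B, 14, 0, 0x200, 0x200, 0, 0x1000, 0x1000,
                      0x2000, 0x400000, 0x1000, 0x200, 5, 1, 0, 0, 5, 1, 0, 0x3000, 0x200, 0,
                      2, 0x8000,  # subsystem GUI; DllCharacteristics = TERMINAL_SERVER_AWARE only
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = bytearray(128)
    dirs[8:16] = struct.pack("<II", 0x2000, 60)  # import directory; security directory (4) stays empty
    def section(name, va, rawptr, chars):
        return struct.pack("<8sIIIIIIHHI", name, 0x200, va, 0x200, rawptr, 0, 0, 0, 0, chars)
    headers = (dos + coff + opt + dirs + section(b".text", 0x1000, 0x200, 0x60000020)
               + section(b".rdata", 0x2000, 0x400, 0x40000040)).ljust(0x200, b"\0")
    return bytes(headers + b"\xC3".ljust(0x200, b"\0") + rdata)  # .text holds a single RET; nothing runs it

if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    print(json.dumps(analyze(blob), indent=2))
```

The has_authenticode_blob field is exactly the presence test behind the report's "Unsigned PE" signature: a non-empty security directory only means a WIN_CERTIFICATE blob is attached, not that it chains to a trusted root, is unexpired, or still matches the image. Verify with signtool or Get-AuthenticodeSignature before treating a file as signed. Run the script against the real sample and compare the printed imphash with the unlabelled value under the file entry above.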