f:\fr_sp_tu321\AP\Release_Vista\ApUI.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-25_d7a3216ff47d291aa2a29ecc2d5f732f_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-25_d7a3216ff47d291aa2a29ecc2d5f732f_icedid.exe
Resource: win10v2004-20240412-en
General
- Target: 2024-04-25_d7a3216ff47d291aa2a29ecc2d5f732f_icedid
- Size: 964KB
- MD5: d7a3216ff47d291aa2a29ecc2d5f732f
- SHA1: cd19f5f7c3d33a0223e460c7387cdffe0ef92441
- SHA256: bb285c5ff6f230a78509829c8424c3880517d6bec8ec5c02b8e00aa2ce2fa310
- SHA512: a1ce680c186f9d2d7a5ff9c0e671c72ff1881c4074e40f00f84a56fad00910d19d2f8b25d9524d833ed657b4dacc6abfe80f4826305773f43cce91cfc1200578
- SSDEEP: 12288:iHC58rEyMIdb+uTktkXdYKFs2bMaJerK99UZj1UHnoOZX3lshF4AmLO9EMmz:6CZyMGJdYQbVWj1UIOZyF4AmLAEMmz
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-04-25_d7a3216ff47d291aa2a29ecc2d5f732f_icedid
Files
-
2024-04-25_d7a3216ff47d291aa2a29ecc2d5f732f_icedid.exe windows:4 windows x86 arch:x86
f8d3fe725bc1998ba6db1165978e4c00
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wlanui
WlanUIEditProfile
wlanapi
WlanDisconnect
WlanGetNetworkBssList
WlanGetAvailableNetworkList
WlanSetProfile
WlanGetInterfaceCapability
WlanGetProfile
WlanGetProfileList
WlanSetProfilePosition
WlanScan
WlanQueryInterface
WlanSetInterface
WlanEnumInterfaces
WlanFreeMemory
WlanCloseHandle
WlanDeleteProfile
WlanConnect
WlanReasonCodeToString
WlanRegisterNotification
WlanOpenHandle
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
setupapi
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA
SetupDiDestroyDeviceInfoList
iphlpapi
GetAdaptersInfo
rpcrt4
RpcBindingFree
RpcStringFreeA
RpcMgmtIsServerListening
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall2
kernel32
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
GetModuleFileNameW
InterlockedDecrement
GetCurrentProcessId
lstrcmpA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventA
FindResourceExA
GetAtomNameA
InterlockedIncrement
LocalAlloc
GetFileSize
TlsGetValue
EnterCriticalSection
GlobalReAlloc
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
GetTickCount
RtlUnwind
HeapFree
HeapAlloc
GetTimeFormatA
GetDateFormatA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
ExitThread
CreateThread
HeapSize
GetACP
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
GetStdHandle
GetTimeZoneInformation
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
DuplicateHandle
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
MulDiv
VirtualProtect
ExpandEnvironmentStringsA
GetLocaleInfoA
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
InterlockedExchange
Sleep
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetModuleHandleA
MultiByteToWideChar
WinExec
LoadLibraryA
GetProcAddress
lstrcpyA
lstrlenA
lstrcatA
FreeLibrary
SetLastError
CreateFileA
DeviceIoControl
CloseHandle
GetVersionExA
GetCurrentProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateMutexA
GetLastError
GetCurrentDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
FindFirstFileA
FindClose
ReleaseMutex
GlobalHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetSystemDirectoryA
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
IsValidLocale
GetThreadLocale
LeaveCriticalSection
user32
BeginPaint
EndPaint
InflateRect
GetMenuItemInfoA
DestroyMenu
GetDialogBaseUnits
GetSysColorBrush
LoadCursorA
UnregisterClassA
DeleteMenu
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRect
InvalidateRgn
GetNextDlgGroupItem
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
GetSystemMenu
SetParent
UnionRect
PostThreadMessageA
GetDCEx
LockWindowUpdate
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetWindowContextHelpId
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
GetWindowThreadProcessId
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
GetClientRect
GetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetCapture
GetActiveWindow
SetActiveWindow
MapDialogRect
SetWindowPos
ShowWindow
GetAsyncKeyState
GetFocus
SetFocus
GetWindowLongA
GetDlgItem
IsWindowEnabled
CharUpperW
CharUpperA
CharLowerW
CharLowerA
IsCharAlphaA
MessageBeep
GetSystemMetrics
GetCursorPos
LoadIconA
SetForegroundWindow
LoadMenuA
ModifyMenuA
GetSubMenu
UpdateWindow
LoadBitmapA
IsWindow
IsCharAlphaNumericA
GetParent
FindWindowA
PostMessageA
GetWindowRect
RedrawWindow
MapWindowPoints
wsprintfA
LoadImageA
SendMessageA
EnableWindow
KillTimer
SetTimer
SetWindowPlacement
gdi32
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
GetObjectType
EnumMetaFile
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
BitBlt
PlayMetaFile
CreatePen
MoveToEx
CreateSolidBrush
OffsetClipRgn
CreateFontIndirectA
GetTextMetricsA
EnumFontFamiliesExA
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
CreateCompatibleBitmap
SelectPalette
GetCharWidthA
CreateFontA
StretchDIBits
ExtCreatePen
LineTo
GetStockObject
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateHatchBrush
GetTextExtentPoint32A
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
PlayMetaFileRecord
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
EqualSid
FreeSid
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
ControlService
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
shell32
DragQueryFileA
DragFinish
ExtractIconA
SHGetFileInfoA
Shell_NotifyIconA
ShellExecuteA
oledlg
ord8
ole32
ReadFmtUserTypeStg
OleRegGetUserType
ReadClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoCreateInstance
WriteClassStg
CoDisconnectObject
oleaut32
VariantClear
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
LoadTypeLi
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SafeArrayDestroyData
shlwapi
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
Sections
- .text (Size: 696KB, Virtual size: 695KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata (Size: 176KB, Virtual size: 175KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data (Size: 16KB, Virtual size: 45KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc (Size: 72KB, Virtual size: 70KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ