2024-04-27_240af08dd818939515c7fcbb252569c8_bkransomware_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-27_240af08dd818939515c7fcbb252569c8_bkransomware_icedid
Size

1.7MB
MD5

240af08dd818939515c7fcbb252569c8
SHA1

af33a72395e87766e39faf46870ccbefdd03f480
SHA256

83571f3c73407a832884987eaa1033f9583978620dd04b46c609aa751960edff
SHA512

d1fb22711ef9446af0f9c32135b88417e34f1282ffb216fb2a480a472019b0480b88aa7930fe1faeb494ee16e81aa1bb2d276f295a8b7112db628311055370b7
SSDEEP

49152:uGGf09/AzEoxWV+nhmH6oAZXZ6jA3iiQG7571jtVDA:cf09/AzEooV+nu6oyZ6k39171jtVD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-27_240af08dd818939515c7fcbb252569c8_bkransomware_icedid

Files

2024-04-27_240af08dd818939515c7fcbb252569c8_bkransomware_icedid
.exe windows:5 windows x86 arch:x86

9a3fa01d1b62fbfb4bcc108a5184fb3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Todd\Documents\GitHub\KeypointSoftkey\Release\Softkey.pdb

Imports

kernel32

LCMapStringW
GetConsoleCP
GetConsoleMode
ReadConsoleW
GetOEMCP
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
GetACP
IsValidCodePage
GetStringTypeW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
SizeofResource
GetFileType
SetStdHandle
ExitThread
GetModuleHandleExW
ExitProcess
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineW
GetTimeFormatW
VirtualProtect
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
GetWindowsDirectoryW
SetErrorMode
GetCurrentDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
DeleteFileW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
FindClose
GetDateFormatW
GetTimeZoneInformation
GetCPInfo
FindResourceExW
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
WaitForSingleObject
GetCurrentProcessId
lstrcmpA
GetVersionExW
GetCurrentThread
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
OutputDebugStringA
FileTimeToSystemTime
LocalAlloc
LoadLibraryExW
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
FileTimeToLocalFileTime
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalSize
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
ReadFile
WriteFile
FlushFileBuffers
DisconnectNamedPipe
ConnectNamedPipe
SetLastError
CreateFileW
CreateNamedPipeW
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateThread
GetTickCount
lstrcpynW
CloseHandle
ReleaseMutex
CreateMutexW
GetLastError
FindResourceW
LoadResource
LockResource
SetFilePointerEx

user32

GetDoubleClickTime
SetClassLongW
LockWindowUpdate
SetRect
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
SetParent
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
PostThreadMessageW
GetSystemMenu
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
MapVirtualKeyW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
DestroyIcon
IntersectRect
DeleteMenu
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CopyImage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
CharUpperW
GetSysColorBrush
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
FillRect
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
CopyIcon
PostQuitMessage
SendDlgItemMessageA
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
SetMenuDefaultItem
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetWindowRgn
PostMessageW
GetMessageTime
DestroyCursor
MapDialogRect
CreateMenu
SubtractRect
GetUpdateRect
GetWindowThreadProcessId
IsClipboardFormatAvailable
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetWindowRect
LoadMenuW
GetParent
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDesktopWindow
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
KillTimer
SetTimer
InvalidateRect
DrawIcon
GetSystemMetrics
GetClientRect
IsIconic
LoadImageW
SendMessageW
LoadIconW
LoadCursorW
SetCursor
EnableWindow
RealChildWindowFromPoint

gdi32

CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
CombineRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
SetROP2
SetPolyFillMode
GetLayout
GetTextMetricsW
GetTextExtentPoint32W
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
CreateSolidBrush
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
SetTextAlign

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

CryptCreateHash
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
CryptDestroyHash
CryptEncrypt
CryptDeriveKey
CryptHashData
RegCreateKeyExW
CryptReleaseContext
CryptDestroyKey
CryptGetKeyParam
CryptGetUserKey
CryptSetKeyParam
CryptGenKey
CryptAcquireContextW
CryptDecrypt
CryptExportKey
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW

shell32

ShellExecuteExW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderW
Shell_NotifyIconW
DragFinish
DragQueryFileW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

IsThemeBackgroundPartiallyTransparent
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetThemeSysColor
GetThemePartSize
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData

ole32

CoDisconnectObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleLockRunning
DoDragDrop
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal

oleaut32

SysFreeString
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen

wininet

HttpOpenRequestW
HttpSendRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
HttpQueryInfoW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a3fa01d1b62fbfb4bcc108a5184fb3a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

wininet

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 321KB - Virtual size: 321KB

.data Size: 24KB - Virtual size: 54KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 321KB - Virtual size: 321KB

.data
Size: 24KB - Virtual size: 54KB

.rsrc
Size: 28KB - Virtual size: 27KB